Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Carbon Black Security Vulnerabilities

cve
cve

CVE-2014-1615

Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon Black before 4.1.0 allow remote attackers to hijack the authentication of administrators for requests that add new administrative users and have other unspecified action, as demonstrated by a request to api/user.

7.5AI Score

0.002EPSS

2014-04-22 02:23 PM
21
cve
cve

CVE-2016-9568

A security design issue can allow an unprivileged user to interact with the Carbon Black Sensor and perform unauthorized actions.

9.8CVSS

9.3AI Score

0.007EPSS

2018-02-19 07:29 PM
19
cve
cve

CVE-2016-9569

The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to cause a denial of service (out-of-bounds read and system crash) via a large counter value in an 0x62430028 IOCTL call.

4.4CVSS

4.5AI Score

0.0004EPSS

2018-02-12 06:29 PM
17
cve
cve

CVE-2016-9570

cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service (out-of-bounds read, invalid pointer dereference, and application crash) by leveraging access to the NetMon named pipe.

7.5CVSS

7.3AI Score

0.001EPSS

2018-02-12 06:29 PM
20