Lucene search

K

Controller 7000 Security Vulnerabilities

cve
cve

CVE-2024-22383

Missing release of resource after effective lifetime (CWE-772) in the Controller 7000 resulted in HBUS connected T-Series readers to not automatically recover after coming under attack over the RS-485 interface, resulting in a persistent denial of service. This issue affects: All variants of the...

6.2CVSS

6.2AI Score

0.0004EPSS

2024-03-05 03:15 AM
36
cve
cve

CVE-2023-6355

Incorrect selection of fuse values in the Controller 7000 platform allows an attacker to bypass some protection mechanisms to enable local debug. This issue affects: Gallagher Controller 7000 9.00 prior to vCR9.00.231204b (distributed in 9.00.1507 (MR1)), 8.90 prior to vCR8.90.231204a...

6.8CVSS

6.4AI Score

0.001EPSS

2023-12-18 10:15 PM
12
cve
cve

CVE-2023-22439

Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000 optional diagnostic web interface (Port 80) can be used to perform a Denial of Service of the diagnostic web interface. This issue affects: Gallagher Controller 6000 and 7000 8.90 prior to vCR8.90.231204a.....

4.3CVSS

4.6AI Score

0.0005EPSS

2023-12-18 10:15 PM
7
cve
cve

CVE-2021-23859

An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of a standalone VRM or BVMS with VRM installation this crash also opens the possibility to send further unauthenticated commands to the service. On some products the interface is only local.....

9.1CVSS

7.6AI Score

0.001EPSS

2021-12-08 10:15 PM
18
7
cve
cve

CVE-2019-6195

An authorization bypass exists in Lenovo XClarity Controller (XCC) versions prior to 3.08 CDI340V, 3.01 TEI392O, 1.71 PSI328N where a valid authenticated user with lesser privileges may be granted read-only access to higher-privileged information if 1) “LDAP Authentication Only with Local...

4.8CVSS

5.1AI Score

0.001EPSS

2020-02-14 05:15 PM
65
cve
cve

CVE-2019-6957

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building Integration System (BIS) with Video Engine, Access....

9.8CVSS

9.3AI Score

0.004EPSS

2019-05-29 07:29 PM
126
cve
cve

CVE-2019-6958

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC),...

9.1CVSS

9AI Score

0.002EPSS

2019-05-29 07:29 PM
127
cve
cve

CVE-2019-1690

A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6...

6.5CVSS

6.5AI Score

0.001EPSS

2019-03-11 09:29 PM
28
cve
cve

CVE-2015-8611

BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 2000, 4000, 5000, 7000, and 10000 platforms do not properly sync passwords with the Always-On Management (AOM) subsystem, which might allow remote attackers to obtain login access to AOM via an (1)...

9.8CVSS

9.3AI Score

0.005EPSS

2016-01-12 08:59 PM
20
cve
cve

CVE-2014-4811

IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP...

6.9AI Score

0.006EPSS

2014-09-12 01:55 AM
32