Lucene search

K

Streaming Data Platform Security Vulnerabilities

cve
cve

CVE-2023-28069

Dell Streaming Data Platform prior to 1.4 contains Open Redirect vulnerability. A remote unauthenticated attacker can phish the legitimate user to redirect to malicious website leading to information disclosure and launch of phishing...

6.1CVSS

5.4AI Score

0.001EPSS

2023-04-05 08:15 AM
15
cve
cve

CVE-2021-4104

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in...

7.5CVSS

9.1AI Score

0.976EPSS

2021-12-14 12:15 PM
784
In Wild
15
cve
cve

CVE-2021-36329

Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. A remote malicious user may potentially exploit this vulnerability to gain sensitive...

6.5CVSS

6.6AI Score

0.001EPSS

2021-11-30 09:15 PM
14
cve
cve

CVE-2021-36328

Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A remote malicious user may potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions and retrieve sensitive information from the...

8.8CVSS

8.9AI Score

0.001EPSS

2021-11-30 09:15 PM
16
cve
cve

CVE-2021-36330

Dell EMC Streaming Data Platform versions before 1.3 contain an Insufficient Session Expiration Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to reuse old session artifacts to impersonate a legitimate...

9.8CVSS

9.4AI Score

0.004EPSS

2021-11-30 09:15 PM
18
cve
cve

CVE-2021-36326

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted...

6.5CVSS

6.4AI Score

0.002EPSS

2021-11-30 09:15 PM
18
cve
cve

CVE-2021-36327

Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to perform port scanning of internal networks and make HTTP requests to an arbitrary domain of the attacker's...

5.3CVSS

5.4AI Score

0.001EPSS

2021-11-30 09:15 PM
16