CyberArk Credential File Insufficient Effective Key Space
Vulnerability Details: Affected Vendor: CyberArk; Affected Product: Application Access Manager/Credential Provider; Affected Version: Prior to 12.1; Platform: Linux/Windows/zOS; CWE Classification: CWE-326: Inadequate Encryption Strength; CVE ID: CVE-2021-31796. Vulnerability Description: CyberArk...
CVSS 7.5
AI Score 0.2
EPSS 0.005
Exploit for Missing Authorization in Citrix Application Delivery Controller Firmware
Citrix ADC RCE 0x01 CreateSession request...
CVSS 6.5
AI Score 7.1
EPSS 0.975
CVSS 5.9
AI Score 7.2
EPSS 0.003
Updated rt/perl-Encode packages fix security vulnerability
RT 4.0.0 and above are vulnerable to a limited privilege escalation leading to unauthorized modification of ticket data. The DeleteTicket right and any custom lifecycle transition rights may be bypassed by any user with ModifyTicket (CVE-2012-4733). RT 3.8.0 and above include a version of bin/rt...
CVSS 8.8
AI Score 9.2
EPSS 0.014
Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 does not use a constant-time comparison algorithm for secrets, which makes it easier for remote attackers to obtain sensitive user password information via a timing side-channel...
CVSS 5.9
AI Score 6.8
EPSS 0.003
Debian DLA-988-1 : rt-authen-externalauth security update
It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI (database) mode is vulnerable. For Debian 7 'Wheezy', these problems have been fixed in version...
CVSS 5.9
AI Score 7.9
EPSS 0.003
[SECURITY] [DLA 988-1] rt-authen-externalauth security update
Package: rt-authen-externalauth; Version: 0.10-4+deb7u1; CVE ID: CVE-2017-5361. It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI...
CVSS 5.9
AI Score 7.7
EPSS 0.003
Debian DSA-3883-1 : rt-authen-externalauth - security update
It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI (database) mode is...
CVSS 5.9
AI Score 7.5
EPSS 0.003
BestPractical reports: Please reference CVE/URL list for...
CVSS 8.8
AI Score 7.4
EPSS 0.012
[SECURITY] [DSA 3883-1] rt-authen-externalauth security update
Debian Security Advisory DSA-3883-1; [email protected]; https://www.debian.org/security/; Salvatore Bonaccorso; June 15, 2017; https://www.debian.org/security/faq; Package: rt-authen-externalauth; CVE ID: CVE-2017-5361. It...
CVSS 5.9
AI Score 2.4
EPSS 0.003
[SECURITY] [DSA 3883-1] rt-authen-externalauth security update
Debian Security Advisory DSA-3883-1; [email protected]; https://www.debian.org/security/; Salvatore Bonaccorso; June 15, 2017; https://www.debian.org/security/faq; Package: rt-authen-externalauth; CVE ID: CVE-2017-5361. It...
CVSS 5.9
AI Score 7.1
EPSS 0.003
[SECURITY] [DSA 3882-1] request-tracker4 security update
Debian Security Advisory DSA-3882-1; [email protected]; https://www.debian.org/security/; Salvatore Bonaccorso; June 15, 2017; https://www.debian.org/security/faq; Package: request-tracker4; CVE ID: CVE-2016-6127...
CVSS 8.8
AI Score 1.3
EPSS 0.012
Debian Security Advisory DSA 3883-1 (rt-authen-externalauth - security update)
It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI (database) mode is...
AI Score 0.2
EPSS 0.003
CVSS 5.9
AI Score 6.9
EPSS 0.003
rt and dependent modules -- multiple security vulnerabilities
BestPractical reports: Please reference CVE/URL list for...
CVSS 8.8
AI Score 7.4
EPSS 0.012
CVSS 5.9
AI Score 6.9
EPSS 0.003
CVSS 5.9
AI Score 7.2
EPSS 0.003
AI Score 0.4
AI Score 7.4
AI Score -0.2
EPSS 0.003
Fedora Update for perl-RT-Authen-ExternalAuth FEDORA-2012-11337
The remote host is missing an update for...
AI Score 6.5
EPSS 0.003
The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the...
AI Score 6.4
EPSS 0.003
The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the...
AI Score 6.4
EPSS 0.003
The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the...
AI Score 7
EPSS 0.003
The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the...
AI Score 6.3
EPSS 0.003
The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the user." Bugs ...
AI Score 5.1
EPSS 0.003
Fedora Update for perl-RT-Authen-ExternalAuth FEDORA-2012-11360
The remote host is missing an update for...
AI Score 6.5
EPSS 0.003
AI Score -0.2
EPSS 0.003
FreeBSD Ports: p5-RT-Authen-ExternalAuth
The remote host is missing an update to the system as announced in the referenced...
AI Score -0.3
EPSS 0.003
FreeBSD Ports: p5-RT-Authen-ExternalAuth
The remote host is missing an update to the system as announced in the referenced...
AI Score 6.4
EPSS 0.003
Fedora 17 : perl-RT-Authen-ExternalAuth-0.11-1.fc17 (2012-11337)
Update to 0.11. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
AI Score -0.6
EPSS 0.003
Fedora 16 : perl-RT-Authen-ExternalAuth-0.11-1.fc16 (2012-11360)
Update to 0.11. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
AI Score -0.6
EPSS 0.003
[SECURITY] Fedora 17 Update: perl-RT-Authen-ExternalAuth-0.11-1.fc17
A complete package for adding external authentication mechanisms to RT. It currently supports LDAP via Net::LDAP and External Database authentication for any database with an installed DBI...
AI Score 2.6
EPSS 0.003
[SECURITY] Fedora 16 Update: perl-RT-Authen-ExternalAuth-0.11-1.fc16
A complete package for adding external authentication mechanisms to RT. It currently supports LDAP via Net::LDAP and External Database authentication for any database with an installed DBI...
AI Score 2.6
EPSS 0.003
FreeBSD : p5-RT-Authen-ExternalAuth -- privilege escalation (cdc4ff0e-d736-11e1-8221-e0cb4e266481)
The RT development team reports: RT::Authen::ExternalAuth 0.10 and below (for all versions of RT) are vulnerable to an escalation of privilege attack where the URL of a RSS feed of the user can be used to acquire a fully logged-in session as that user. CVE-2012-2770 has been assigned to this...
AI Score -0.2
EPSS 0.003
p5-RT-Authen-ExternalAuth -- privilege escalation
The RT development team reports: RT::Authen::ExternalAuth 0.10 and below (for all versions of RT) are vulnerable to an escalation of privilege attack where the URL of a RSS feed of the user can be used to acquire a fully logged-in session as that user. ...
AI Score 6.8
EPSS 0.003