Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-34337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured...

6.3CVSS6.6AI score0.00299EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/04/21 12:0 a.m.21 views

Mailman < 3.3.5 REST API Vulnerability

Mailman is prone to a vulnerability in the REST API. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gnu:mailman"; ifdescription...

6.3CVSS6.1AI score0.00299EPSS
Exploits0References1
Circl
Circl
added 2023/04/16 12:26 a.m.7 views

CVE-2021-34337

creationtimestamp| type| source ---|---|--- 2023-04-16 00:26:55+00:00| seen| https://t.me/cibsecurity/62241...

6.3CVSS6.2AI score0.00299EPSS
Exploits0References1
OSV
OSV
added 2023/04/15 8:16 p.m.24 views

CVE-2021-34337

An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attacke...

6.3CVSS6.6AI score
Exploits0References3
CVE
CVE
added 2023/04/15 12:0 a.m.93 views

CVE-2021-34337

Affected software: Mailman Core before 3.3.5. Vulnerability: REST API timing attack could allow an attacker with local access to deduce the configured REST API password and then perform arbitrary REST API calls. The REST API is bound to localhost by default, but can be configured to listen on oth...

6.3CVSS6.3AI score0.00299EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2022/01/28 3:27 p.m.28 views

CVE-2021-34337

A timing attack was found in the mailman administrative REST API due to the usage of a simple string comparison function when checking the password. This flaw allows an attacker who can talk to the REST API to discover the admin password due to timing leaks...

7.4CVSS3.2AI score0.00299EPSS
Exploits0References3
Rows per page
Query Builder