Lucene search
K

66 matches found

Positive Technologies
Positive Technologies
added 2025/04/18 12:0 a.m.13 views

PT-2025-17321 · Hewlett Packard · Hp Touchpoint Analytics Service

Name of the Vulnerable Software and Affected Versions: HP Touchpoint Analytics Service versions prior to 4.2.2439 Description: A potential security issue has been identified that could allow a local attacker to escalate privileges. Recommendations: For versions prior to 4.2.2439, update to versio...

6.9CVSS6.5AI score0.00167EPSS
Exploits0References6
OSV
OSV
added 2024/02/29 1:41 a.m.4 views

CVE-2023-43769

An issue was discovered in Couchbase Server through 7.1.4 before 7.1.5 and before 7.2.1. There are Unauthenticated RMI Service Ports Exposed in Analytics...

6.3CVSS5.8AI score
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/09/13 12:0 a.m.7 views

The vulnerability of the Azure HDInsights data analytics service, related to insufficient access control, allows attackers to escalate their privileges.

The vulnerability of the Azure HDInsight data analytics service is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges through a specially crafted request...

8.3CVSS7.5AI score0.01874EPSS
Exploits0References3
OSV
OSV
added 2023/07/13 3:15 a.m.3 views

CVE-2023-34137

SonicWall GMS and Analytics CAS Web Services application use static values for authentication without proper checks leading to authentication bypass vulnerability. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

9.8CVSS5.8AI score0.00895EPSS
Exploits0References2
OSV
OSV
added 2022/07/12 2:15 p.m.4 views

CVE-2022-33911

An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information...

5.3CVSS5.8AI score0.00818EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/12 2:15 p.m.4 views

CVE-2022-33911

An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information...

5.3CVSS5.7AI score0.00818EPSS
Exploits0References4
NVD
NVD
added 2022/07/12 2:15 p.m.11 views

CVE-2022-33911

An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information...

5.3CVSS0.00818EPSS
Exploits0References3
Prion
Prion
added 2022/07/12 2:15 p.m.14 views

Information disclosure

An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information...

5CVSS5.1AI score0.00818EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.4 views

Couchbase Server 日志信息泄露漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. A security vulnerability exists in Couchbase Server version 7.x up to and including 7.0.4, which stems from a field na...

5.3CVSS5.8AI score0.00818EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/07/11 12:20 p.m.17 views

CVE-2022-33911

An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information...

5.4AI score0.00818EPSS
Exploits0References3
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.20 views

VMware vCenter Server File Upload Vulnerability

VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network access to port 443 to execute code...

9.8CVSS9.1AI score0.99999EPSS
In wildExploits11
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.9 views

The vulnerability of the Analytics service in the virtual infrastructure management tool VMware vCenter Server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Analytics service in the virtual infrastructure management tool VMware vCenter Server is related to deficiencies in the segmentation of the controlled system area. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.9AI score0.00236EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/10/08 12:0 a.m.8 views

The vulnerability of the Analytics service in the management tool for virtual infrastructure, VMware vCenter Server, and the virtualization platform, VMware Cloud Foundation, allows a attacker to trigger a service failure.

The vulnerability of the Analytics service in the management tool for VMware vCenter Server and VMware Cloud Foundation virtualization platforms exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...

5.5CVSS6.9AI score0.0022EPSS
Exploits0References3Affected Software1
0day.today
0day.today
added 2021/10/07 12:0 a.m.585 views

VMware vCenter Server Analytics (CEIP) Service File Upload Exploit

This Metasploit module exploits a file upload in VMware vCenter Server's analytics/telemetry CEIP service to write a system crontab and execute shell commands as the root user. Note that CEIP must be enabled for the target to be exploitable by this module. CEIP is enabled by default. This module...

9.8CVSS9.1AI score0.99999EPSS
Exploits11
VulnCheck KEV
VulnCheck KEV
added 2021/09/24 12:0 a.m.5 views

VulnCheck KEV: CVE-2021-22005

VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network access to port 443 to execute code...

9.8CVSS7.4AI score0.99999EPSS
Exploits11References1
OSV
OSV
added 2021/09/23 1:15 p.m.5 views

CVE-2021-22020

The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server...

5.5CVSS7AI score0.0022EPSS
Exploits0References1
NVD
NVD
added 2021/09/23 1:15 p.m.23 views

CVE-2021-22020

The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server...

5.5CVSS0.0022EPSS
Exploits0References1
CVE
CVE
added 2021/09/23 12:16 p.m.97 views

CVE-2021-22020

CVE-2021-22020 is a denial-of-service vulnerability in the Analytics service of VMware vCenter Server. Exploitation relies on input handling in Analytics, leading to DoS. VMware's VMSA-2021-0020 provides updates/patches; CVSSv3.1 shows MEDIUM (5.5) with LOCAL/low complexity. No exploit details ar...

5.5CVSS7.1AI score0.0022EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/09/23 12:16 p.m.25 views

CVE-2021-22020

The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server...

7.5AI score0.0022EPSS
Exploits0References1
OSV
OSV
added 2021/09/23 12:15 p.m.3 views

CVE-2021-22007

The vCenter Server contains a local information disclosure vulnerability in the Analytics service. An authenticated user with non-administrative privilege may exploit this issue to gain access to sensitive information...

5.5CVSS7.3AI score0.00236EPSS
Exploits0References1
Rows per page
Query Builder