Lucene search
K

48 matches found

OSV
OSV
added 2022/03/10 5:44 p.m.4 views

CVE-2021-42787

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...

9.8CVSS5.8AI score0.01308EPSS
Exploits0References1
NVD
NVD
added 2022/03/10 5:44 p.m.23 views

CVE-2021-42786

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be injected...

9.8CVSS0.02008EPSS
Exploits0References1
Prion
Prion
added 2022/03/10 5:44 p.m.15 views

Design/Logic Flaw

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be injected...

7.5CVSS9.6AI score0.02008EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/03/10 5:44 p.m.26 views

Directory traversal

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be...

5CVSS5.5AI score0.01132EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/03/10 5:44 p.m.18 views

Directory traversal

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagnostic/logs" API. The affected endpoint does not have any input validation of the user's input that allows a...

7.5CVSS9.3AI score0.01544EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/03/10 5:44 p.m.16 views

Directory traversal

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...

7.5CVSS9.5AI score0.01308EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/03/10 5:44 p.m.18 views

Directory traversal

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be...

7.5CVSS9.5AI score0.01544EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/03/10 5:44 p.m.17 views

Command injection

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA uses the ".debugcommand.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map t...

4.6CVSS7.7AI score0.0022EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.4 views

Aternity SteelCentral AppInternals 路径遍历漏洞

Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A directory traversal vulnerability exists in Aternity SteelCentral AppInternals, which stems from /api/appInternals/1.0/agent/da/pcf that does not perform any validation of user input that allows...

5.3CVSS5.8AI score0.01132EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.6 views

Aternity SteelCentral AppInternals 路径遍历漏洞

Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A directory traversal vulnerability exists in Aternity SteelCentral AppInternals, which can be exploited by remote attackers to submit special requests to read and write in the application context...

9.8CVSS5.7AI score0.01544EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.6 views

Aternity SteelCentral AppInternals 安全漏洞

Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity USA, Inc. Providing Application Performance Monitoring APM and diagnostics, a security vulnerability exists in Aternity SteelCentral AppInternals, which stems from a configuration file that can map the...

7.8CVSS5.5AI score0.0022EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.5 views

SteelCentral AppInternals Dynamic Sampling Agent 输入验证错误漏洞

Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A remote code execution vulnerability exists in Aternity SteelCentral AppInternals, which stems from a failure of a network system or product to properly filter specific elements of external input da...

9.8CVSS6.7AI score0.02008EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.6 views

Aternity SteelCentral AppInternals 路径遍历漏洞

Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A directory traversal vulnerability exists in Aternity SteelCentral AppInternals, which stems from the fact that /api/appInternals/1.0/plugin/pmx does not perform any validation of user input that...

9.8CVSS5.8AI score0.01544EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/10 12:0 a.m.5 views

Aternity SteelCentral AppInternals 跨站脚本漏洞

Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A cross-site scripting vulnerability exists in Aternity SteelCentral AppInternals, which can be exploited by remote attackers to inject malicious script or HTML code...

6.1CVSS5.2AI score0.00594EPSS
Exploits0References2
CVE
CVE
added 2022/03/09 4:52 p.m.82 views

CVE-2021-42854

The CVE-2021-42854 issue affects SteelCentral AppInternals, specifically the Dynamic Sampling Agent’s PluginServlet. The vulnerability arises from lack of input validation at the /api/appInternals/1.0/plugin/pmx endpoint, enabling directory traversal and potential injection of malicious loads. Pu...

9.8CVSS9.7AI score0.01544EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/09 4:52 p.m.33 views

CVE-2021-42854 Directory Traversal Read/Write/Delete at PluginServlet

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be...

9.8CVSS9.7AI score0.01544EPSS
Exploits0References1
CVE
CVE
added 2022/03/09 4:51 p.m.82 views

CVE-2021-42787

The CVE-2021-42787 entry concerns the SteelCentral AppInternals Dynamic Sampling Agent (DSA) AgentConfigurationServlet. The vulnerability is a directory traversal flaw in the API endpoint /api/appInternals/1.0/agent/configuration, caused by lack of input validation on user input, which could enab...

9.8CVSS9.7AI score0.01308EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/09 4:51 p.m.26 views

CVE-2021-42787 Directory Traversal Write/Delete/Partial Read at AgentConfigurationServlet

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...

9.4CVSS9.7AI score0.01308EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/09 4:51 p.m.19 views

CVE-2021-42857 Directory Traversal Partial Write at AgentDaServlet

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be...

5.3CVSS5.8AI score0.01132EPSS
Exploits0References1
CVE
CVE
added 2022/03/09 4:51 p.m.91 views

CVE-2021-42857

The CVE-2021-42857 issue affects SteelCentral AppInternals Dynamic Sampling Agent (DSA) – AgentDaServlet. Affected component: the API at /api/appInternals/1.0/agent/da/pcf. Root cause: input in this endpoint is not validated, enabling directory traversal and potential injection of malicious paylo...

5.3CVSS5.5AI score0.01132EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder