48 matches found
CVE-2021-42787
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...
CVE-2021-42786
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be injected...
Design/Logic Flaw
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be injected...
Directory traversal
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be...
Directory traversal
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagnostic/logs" API. The affected endpoint does not have any input validation of the user's input that allows a...
Directory traversal
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...
Directory traversal
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be...
Command injection
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA uses the ".debugcommand.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map t...
Aternity SteelCentral AppInternals 路径遍历漏洞
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A directory traversal vulnerability exists in Aternity SteelCentral AppInternals, which stems from /api/appInternals/1.0/agent/da/pcf that does not perform any validation of user input that allows...
Aternity SteelCentral AppInternals 路径遍历漏洞
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A directory traversal vulnerability exists in Aternity SteelCentral AppInternals, which can be exploited by remote attackers to submit special requests to read and write in the application context...
Aternity SteelCentral AppInternals 安全漏洞
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity USA, Inc. Providing Application Performance Monitoring APM and diagnostics, a security vulnerability exists in Aternity SteelCentral AppInternals, which stems from a configuration file that can map the...
SteelCentral AppInternals Dynamic Sampling Agent 输入验证错误漏洞
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A remote code execution vulnerability exists in Aternity SteelCentral AppInternals, which stems from a failure of a network system or product to properly filter specific elements of external input da...
Aternity SteelCentral AppInternals 路径遍历漏洞
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A directory traversal vulnerability exists in Aternity SteelCentral AppInternals, which stems from the fact that /api/appInternals/1.0/plugin/pmx does not perform any validation of user input that...
Aternity SteelCentral AppInternals 跨站脚本漏洞
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A cross-site scripting vulnerability exists in Aternity SteelCentral AppInternals, which can be exploited by remote attackers to inject malicious script or HTML code...
CVE-2021-42854
The CVE-2021-42854 issue affects SteelCentral AppInternals, specifically the Dynamic Sampling Agent’s PluginServlet. The vulnerability arises from lack of input validation at the /api/appInternals/1.0/plugin/pmx endpoint, enabling directory traversal and potential injection of malicious loads. Pu...
CVE-2021-42854 Directory Traversal Read/Write/Delete at PluginServlet
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be...
CVE-2021-42787
The CVE-2021-42787 entry concerns the SteelCentral AppInternals Dynamic Sampling Agent (DSA) AgentConfigurationServlet. The vulnerability is a directory traversal flaw in the API endpoint /api/appInternals/1.0/agent/configuration, caused by lack of input validation on user input, which could enab...
CVE-2021-42787 Directory Traversal Write/Delete/Partial Read at AgentConfigurationServlet
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...
CVE-2021-42857 Directory Traversal Partial Write at AgentDaServlet
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be...
CVE-2021-42857
The CVE-2021-42857 issue affects SteelCentral AppInternals Dynamic Sampling Agent (DSA) – AgentDaServlet. Affected component: the API at /api/appInternals/1.0/agent/da/pcf. Root cause: input in this endpoint is not validated, enabling directory traversal and potential injection of malicious paylo...