259 matches found
Siemens Simcenter STAR-CCM Privilege Elevation Vulnerability
Siemens Simcenter STAR-CCM is a complete multi-physics field solution from Siemens Germany that simulates products and designs working under real-world conditions. a security vulnerability exists in Siemens Simcenter STAR-CCM, which stems from improperly assigning file permissions to installation...
CVE-2022-43517
A vulnerability has been identified in Simcenter STAR-CCM+ All versions V2306. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain...
Design/Logic Flaw
A vulnerability has been identified in Simcenter STAR-CCM+ All versions V2306. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain...
PT-2022-26953 · Siemens · Simcenter Star-Ccm+
Name of the Vulnerable Software and Affected Versions: Simcenter STAR-CCM+ versions prior to V2306 Description: A vulnerability has been identified in the affected application, where it improperly assigns file permissions to installation folders. This could allow a local attacker with an...
CVE-2022-43517
A vulnerability has been identified in Simcenter STAR-CCM+ All versions V2306. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain...
CVE-2022-43517
CVE-2022-43517 – Simcenter STAR-CCM+ affects all versions prior to V2306. The vulnerability arises from incorrect file/installation-folder permissions, enabling a local unprivileged user to override or modify service executables and gain elevated privileges (CVSS v3.1 base score 7.8). Public refe...
CVE-2022-43517
A vulnerability has been identified in Simcenter STAR-CCM+ All versions V2306. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain...
Siemens Simcenter STAR-CCM+
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...
kubernetes security update
kubernetes 1.22.16-1 - Added Oracle specific build files for Kubernetes - Add preBuildOL8Commands to Jenkinsfile kubernetes 1.23.14-1 - Added Oracle specific build files for Kubernetes kubernetes 1.24.8-1 - Added Oracle specific build files for Kubernetes olcne 1.5.8-4 - Fix 1.21 kubernetes versi...
CVE-2022-41983
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT QuickAssist Technology and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even...
Race condition
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT QuickAssist Technology and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even...
CVE-2022-41983
CVE-2022-41983 describes a BIG-IP TMM vulnerability where, on certain hardware with Intel QAT and AES-GCM/CCM, data may be sent unencrypted despite an SSL profile. Affected BIG-IP branches: 16.x (vuln up to 16.1.3; fix in 16.1.3.1), 15.x (up to 15.1.6; fix in 15.1.7), 14.x (up to 14.1.5; fix in 1...
CVE-2022-41983 BIG-IP TMM Vulnerability CVE-2022-41983
On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT QuickAssist Technology and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. A security vulnerability exists in the F5 BIG-IP that stems from the fact that although it uses Intel QAT QuickAssist Technolo...
Oracle Linux 7 : kubernetes (ELSA-2022-9855)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9855 advisory. - Resolve Kubernetes CVE-2022-3172 for version 1.21 - Resolve Kubernetes CVE-2022-3172 for version 1.22 - Resolve Kubernetes CVE-2022-3172 for version 1.23 -...
CVE-2022-38254
Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...
CVE-2022-38254
Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...
CVE-2022-38254
Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...
UBUNTU-CVE-2022-38254
Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...
CVE-2022-38254
Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...