78 matches found
CVE-2021-43269
In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config PAC file, leading to arbitrary code execution. This affects Incydr Basic, Advanced, and Gov F1; CrashPlan Cloud; and CrashPlan for Small Business. Incydr...
CVE-2021-43269
CVE-2021-43269 affects Code42 app prior to 8.8.0. An eval injection could allow an attacker to modify a device’s proxy configuration to point at a malicious PAC file, enabling arbitrary code execution. Affected: Incydr Basic, Advanced, Gov F1; CrashPlan Cloud; CrashPlan for Small Business (Incydr...
Code42 Software CrashPlan for Small Business 代码注入漏洞
Code42 Software CrashPlan for Small Business is an automated data loss protection solution from US-based Code42 Software. Code42 Software CrashPlan for Small Business suffers from a code injection vulnerability that originates in Code42 applications prior to version 8.8.0. eval injection allows a...
Code42 Incydr Series: Bringing Shadow IT into the light with Code42 Incydr
Shadow IT is hardly a hidden threat to security professionals. Gartner was warning, way back in 2016, that 1 in 3 successful attacks experienced by enterprises would come from the use of unsanctioned apps by 2020. Code42’s Data Exposure Report just about proves Gartner’s prediction, showing that...
CVE-2020-12736
Code42 environments with on-premises server versions 7.0.4 and earlier allow for possible remote code execution. When an administrator creates a local non-SSO user via a Code42-generated email, the administrator has the option to modify content for the email invitation. If the administrator enter...
CVE-2020-12736
Code42 environments with on-premises server versions 7.0.4 and earlier allow for possible remote code execution. When an administrator creates a local non-SSO user via a Code42-generated email, the administrator has the option to modify content for the email invitation. If the administrator enter...
Code injection
Code42 environments with on-premises server versions 7.0.4 and earlier allow for possible remote code execution. When an administrator creates a local non-SSO user via a Code42-generated email, the administrator has the option to modify content for the email invitation. If the administrator enter...
CVE-2020-12736
Code42 environments with on-premises server versions 7.0.4 and earlier allow for possible remote code execution. When an administrator creates a local non-SSO user via a Code42-generated email, the administrator has the option to modify content for the email invitation. If the administrator enter...
CVE-2020-12736
CVE-2020-12736 affects Code42 on-premises servers (versions 7.0.4 and earlier). The issue arises when an administrator creates a local (non-SSO) user via a Code42-generated invitation email and includes template language in the subject line; the email generation service may interpret that code, l...
Code42 Software Code42 server code issue vulnerability
Code42 Software Code42 is an enterprise-class data protection system from Code42 Software. Code42 server is a server-side program for Code42 that detects insider threats and prevents data leakage and loss. A code issue vulnerability exists in Code42 Software Code42 server 7.0.2 and earlier versio...
Code42 Software Code42 app code issue vulnerability
Code42 Software Code42 is an enterprise-grade data protection system from Code42 Software, USA. Code42 is an enterprise-class data protection system from Code42 Software that detects insider threats and prevents data leakage and loss.Code42 app is an application for Code42. A code issue...
CVE-2019-16860
Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local machine could create or modify a dynamic-link library DLL. The Code42 service could then load it at runtime, and potentially execute arbitrary code at an...
CVE-2019-16861
Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library DLL. The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated...
CVE-2019-16861
Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library DLL. The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated...
CVE-2019-16860
Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local machine could create or modify a dynamic-link library DLL. The Code42 service could then load it at runtime, and potentially execute arbitrary code at an...
Code injection
Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local machine could create or modify a dynamic-link library DLL. The Code42 service could then load it at runtime, and potentially execute arbitrary code at an...
Code injection
Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library DLL. The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated...
CVE-2019-16861
Code42 server through 7.0.2 for Windows has an Untrusted Search Path. In certain situations, a non-administrative attacker on the local server could create or modify a dynamic-link library DLL. The Code42 service could then load it at runtime, and potentially execute arbitrary code at an elevated...
CVE-2019-16861
Code42 Server up to version 7.0.2 on Windows is affected by an Untrusted Search Path vulnerability. A non-administrative attacker on the local server could create or modify a DLL that the Code42 service loads at runtime, potentially executing arbitrary code with elevated privileges on the local s...
CVE-2019-16860
CVE-2019-16860 affects Code42 app (Windows) up to v7.0.2. An Untrusted Search Path could let a non-admin local attacker create/modify a DLL that the Code42 service loads at runtime, potentially enabling arbitrary code execution with elevated privileges. Red Hat and CNVD entries confirm the same d...