Lucene search
K

10 matches found

NVD
NVD
added 2023/02/20 4:15 p.m.41 views

CVE-2023-25569

Apollo is a configuration management system. Prior to version 2.1.0, a low-privileged user can create a special web page. If an authenticated portal admin visits this page, the page can silently send a request to assign new roles for that user without any confirmation from the Portal admin. Cooki...

5.7CVSS5.5AI score0.00351EPSS
Exploits0References5
OSV
OSV
added 2023/02/20 3:12 p.m.30 views

CVE-2023-25569 apollo-portal has potential CSRF issue

Apollo is a configuration management system. Prior to version 2.1.0, a low-privileged user can create a special web page. If an authenticated portal admin visits this page, the page can silently send a request to assign new roles for that user without any confirmation from the Portal admin. Cooki...

5.7CVSS5.5AI score0.00351EPSS
Exploits0References7
CNVD
CNVD
added 2021/05/14 12:0 a.m.3 views

SQL Injection Vulnerability in the File Server Configuration Management System of UFIDA Network Technology Corporation (CNVD-2021-37324)

Founded in 1988, UFIDA is a global provider of advanced cloud services, software, and financial services for enterprises and public organizations. A SQL injection vulnerability exists in the File Server Configuration Management System of UFIDA Network Technology Co., Ltd. that can be exploited by...

7.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/06/26 12:0 a.m.5 views

The vulnerability in the modules/serverdensity_device.py of the configuration management system and SaltStack remote execution module allows a perpetrator to gain unauthorized access to confidential data, cause service failures, or compromise data integrity.

The vulnerability in the modules/serverdensitydevice.py module of the Configuration Management system and SaltStack’s remote execution feature is related to a data processing error. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data, cause service...

5.3CVSS6.1AI score0.00428EPSS
Exploits0References5Affected Software3
NVD
NVD
added 2018/07/18 11:29 p.m.24 views

CVE-2018-0345

A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due t...

9CVSS9AI score0.03EPSS
Exploits0References2
Prion
Prion
added 2018/07/18 11:29 p.m.18 views

Input validation

A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due t...

9CVSS8.9AI score0.03EPSS
Exploits0References2Affected Software7
CNVD
CNVD
added 2018/05/25 12:0 a.m.2 views

Micro Focus Universal CMDB, CMS and UCMDB Browser Cross-Site Scripting Vulnerabilities

Micro Focus Universal CMDB, CMS and UCMDB Browser are all products of Micro Focus, a UK-based company. Micro Focus Universal CMDB is a resource management solution; CMS is a CMDB configuration management system; UCMDB Browser is a lightweight, web-based client for accessing UCMDB Universal...

6.3CVSS6.2AI score0.00653EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/07/14 12:0 a.m.18 views

HP/HPE/Micro Focus Universal CMDB Detection (HTTP)

HTTP based detection of HP/HPE/Micro Focus Universal CMDB. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

7.1AI score
Exploits0References1
CNVD
CNVD
added 2015/02/04 12:0 a.m.5 views

HP CMS UCMDB Information Disclosure Vulnerability

HP CMS is a configuration management system CMS from Hewlett-Packard HP in the United States that collects, stores, manages, updates, and presents data related to IT service configuration projects, including software and infrastructure.The UCMDB Unionized Configuration Management Database is one ...

5CVSS6.3AI score0.37022EPSS
Exploits5References1
OpenVAS
OpenVAS
added 2012/04/30 12:0 a.m.27 views

Debian: Security Advisory (DSA-2451-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6CVSS6.4AI score0.02632EPSS
Exploits0References3
Rows per page
Query Builder