CVE-2023-33228 SolarWinds Network Configuration Manager Sensitive Information Disclosure Vulnerability

The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information...

CVE-2023-33228

CVE-2023-33228 affects SolarWinds Network Configuration Manager. The issue permits users with administrative access to the SolarWinds Web Console to disclose sensitive information. According to NVD, AV Network, PR High, UI N, S U, C High, I/N, A None with a 3.1 base score of 4.9 (Medium). Related...

CVE-2023-33227

Summary (CVE-2023-33227): The Network Configuration Manager (SolarWinds) is affected by a Directory Traversal Remote Code Execution vulnerability. A low-level user can execute actions with SYSTEM privileges. Multiple connected sources (NVD/Red Hat/Nessus/NCSC) confirm the issue and note that reme...

CVE-2023-33226

CVE-2023-33226 affects SolarWinds Network Configuration Manager (NCM). Multiple connected sources describe a Directory Traversal Remote Code Execution flaw in NCM, enabling code execution with SYSTEM privileges after exploiting path handling in ExportConfigs (root cause: improper validation of us...

CVE-2023-33226 Directory Traversal Remote Code Execution Vulnerability

The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges...

CVE-2023-33226 Directory Traversal Remote Code Execution Vulnerability

The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges...

SolarWinds Network Configuration Manager Path Traversal Vulnerability

SolarWinds Network Configuration Manager is an easy-to-use solution from SolarWinds USA. A path traversal vulnerability exists in SolarWinds Network Configuration Manager. An attacker could exploit this vulnerability to cause remote code execution...

Security Bulletin: Due to the use of XStream, IBM Tivoli Netcool Configuration Manager is vulnerable to Denial of Service (DoS) attacks

Summary XStream is used in ITNCM to serialize XML data and may be vulnerable to Denial of Service attacks DoS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by causing a stackoverflow. This effect may support a denial of service...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2023-35890)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

Security Bulletin: Multipe vulnerabilities exists in the IBM® SDK, Java™ Technology Edition affects IBM Tivoli Network Configuration Manager.

Summary Multipe vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration v6.4.2. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597 Vulnerability Details...

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager (CVE-2023-22045, CVE-2023-22049).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2 Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a...

The vulnerability in the Nagios XI monitoring tool’s script/ncludes/comComponents/ccm/index.php allows a attacker to execute arbitrary code.

The vulnerability in the nagiosxi/includes/comComponents/ccm/index.php script of the Core Configuration Manager monitoring tool for Nagios XI is related to the lack of security measures taken to protect the SQL query structure when processing parameters tfFirstNotif, tfLastNotif, and...

CVE-2023-40934

A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...

CVE-2023-40934

A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...

CVE-2023-40934

A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...

Sql injection

A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...

CVE-2023-40934

A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...

CVE-2023-40934

A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...

Nagios XI SQL Injection Vulnerability

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI version 5.11.1 and earlier, which originated from a...

编号撤回

Red Hat Ansible is a computer system configuration manager from Red Hat, an American company. The product can be used to distribute, manage, and program computer systems. This CVE number has been withdrawn...