IBM Spectrum Copy Data Management授权问题漏洞

IBM Spectrum Copy Data Management, an IBM company that modernizes, streamlines and automates data center copy management processes, has a security vulnerability that stems from weak authentication and password rules and incorrectly handling of default credentials for the Spectrum Copy Data...

The vulnerability of the shadow_copy2_get_shadow_copy_data function in the Samba networking communication software package, related to information disclosure, allows a perpetrator to gain access to confidential data.

The vulnerability of the shadowcopy2getshadowcopydata function in the Samba networking communication software package is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data remotely...

CloudBees Jenkins Copy data to workspace Plugin Arbitrary File Read Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An arbitrary file read...

CVE-2020-2275

Jenkins Copy data to workspace Plugin 1.0 and earlier does not limit which directories can be copied from the Jenkins controller to job workspaces, allowing attackers with Job/Configure permission to read arbitrary files on the Jenkins controller...

CVE-2020-2275

Jenkins Copy data to workspace Plugin 1.0 and earlier does not limit which directories can be copied from the Jenkins controller to job workspaces, allowing attackers with Job/Configure permission to read arbitrary files on the Jenkins controller...

CVE-2020-2275

Jenkins Copy data to workspace Plugin 1.0 and earlier does not limit which directories can be copied from the Jenkins controller to job workspaces, allowing attackers with Job/Configure permission to read arbitrary files on the Jenkins controller...

PT-2020-15504 · Jenkins · Jenkins Copy Data To Workspace Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Copy data to workspace Plugin versions 1.0 and earlier Description: The issue allows attackers with Job/Configure permission to read arbitrary files on the Jenkins controller due to a lack of limitation on which directories can be...

CloudBees Jenkins ECX Copy Data Management Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A security vulnerability exis...

CVE-2020-2128

Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2128

Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

Design/Logic Flaw

Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2128

Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2020-2128

CVE-2020-2128 affects the Jenkins ECX Copy Data Management Plugin (versions ≤ 1.9). The root cause is passwords stored unencrypted in job config.xml on the Jenkins master. This allows disclosure to users with Extended Read permissions or to anyone with master filesystem access. The provided docum...

PT-2020-15337 · Jenkins · Jenkins Ecx Copy Data Management Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins ECX Copy Data Management Plugin versions 1.9 and earlier Description: The issue allows users with Extended Read permission, or access to the master file system, to view a password stored unencrypted in job config.xml files on the...

CVE-2019-3751

Dell EMC Enterprise Copy Data Management eCDM versions 1.0, 1.1, 2.0, 2.1, and 3.0 contain a certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and...

Dell EMC Enterprise Copy Data Management Certificate Validation Security Bypass Vulnerability

Description Dell EMC Enterprise Copy Data Management is prone to a security-bypass vulnerability because the application fails to properly validate certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid...

CVE-2018-14401

CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read...

The vulnerability of the Core component of the Oracle VM VirtualBox allows a malicious attacker from the guest operating system to execute certain commands or copy data from the host operating system.

The vulnerability of the Core hypervisor component in Oracle VM VirtualBox is related to access control deficiencies. Exploiting this vulnerability allows a malicious individual operating locally on the guest operating system to execute certain commands or copy data from the guest operating syste...

The vulnerability of Samba software allows a remote attacker to compromise the confidentiality of protected information.

The vulnerability exists in Samba under certain settings of shadow copying vfs. It stems from an improper initialization of the SRVSNAPSHOTARRAY field. Exploiting this vulnerability allows remote users who have passed authentication to access confidential information from the process’s memory,...

UBUNTU-CVE-2015-5299

The shadowcopy2getshadowcopydata function in modules/vfsshadowcopy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORYLIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy...