Lucene search
K

112 matches found

Kitploit
Kitploit
added 2022/08/30 12:30 p.m.36 views

Masky - Python Library With CLI Allowing To Remotely Dump Domain User Credentials Via An ADCS Without Dumping The LSASS Process Memory

Masky is a python library providing an alternative way to remotely dump domain users' credentials thanks to an ADCS. A command line tool has been built on top of this library in order to easily gather PFX, NT hashes and TGT on a larger scope. This tool does not exploit any new vulnerability and...

7.6AI score
Exploits0References13
ATTACKERKB
ATTACKERKB
added 2022/08/05 4:15 p.m.5 views

CVE-2022-31656

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...

9.8CVSS5.4AI score0.18285EPSS
Exploits1References4
OSV
OSV
added 2022/08/05 4:15 p.m.5 views

CVE-2022-31656

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...

9.8CVSS5.5AI score0.18285EPSS
Exploits1References1
Prion
Prion
added 2022/08/05 4:15 p.m.38 views

Authentication flaw

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...

7.5CVSS9.2AI score0.18285EPSS
Exploits1References1Affected Software4
Cvelist
Cvelist
added 2022/08/05 3:7 p.m.32 views

CVE-2022-31656

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...

9.6AI score0.18285EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/08/02 12:0 a.m.7 views

PT-2022-3966 · Vmware · Identity Manager +2

Name of the Vulnerable Software and Affected Versions: VMware Workspace ONE Access, Identity Manager and vRealize Automation affected versions not specified Description: The issue is related to an authentication bypass vulnerability affecting local domain users. A malicious actor with network...

9.8CVSS9.1AI score0.18285EPSS
Exploits1References16
OpenVAS
OpenVAS
added 2022/05/25 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1763)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8AI score0.74042EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/05/20 9:15 p.m.149 views

CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. Rapid7 Analysis...

10CVSS7.4AI score0.99997EPSS
In wildExploits26References3
NVD
NVD
added 2022/05/20 9:15 p.m.28 views

CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...

9.8CVSS0.52813EPSS
Exploits3References1
OSV
OSV
added 2022/05/20 9:15 p.m.31 views

CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...

9.8CVSS6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2022/05/20 8:18 p.m.27 views

CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...

9.5AI score0.52813EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2022/05/18 12:0 a.m.8 views

PT-2022-2603

Name of the Vulnerable Software and Affected Versions VMware Workspace ONE Access, Identity Manager and vRealize Automation affected versions not specified Description The issue is related to an authentication bypass vulnerability affecting local domain users. A malicious actor with network acces...

9.8CVSS7.5AI score0.52813EPSS
Exploits3References29
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 11:2 a.m.49 views

Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2020-25717)

Summary A Samba vulnerability affects IBM Spectrum Scale SMB protocol access method that could allow remote authenticated attacker to gain elevated privileges . Vulnerability Details CVEID: CVE-2020-25717 DESCRIPTION: Samba could allow a remote authenticated attacker to gain elevated privileges o...

8.1CVSS2.4AI score0.01612EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2022/04/19 12:0 a.m.328 views

ManageEngine ADSelfService Plus 6.1 User Enumeration

Exploit Title: ManageEngine ADSelfService Plus 6.1 - User Enumeration Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Version: ADSelfService 6.1 Build 6121 Tested Against:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/04/18 12:0 a.m.51 views

EulerOS Virtualization 2.10.0 : samba (EulerOS-SA-2022-1413)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext...

9CVSS6.6AI score0.02025EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2022/02/25 12:0 a.m.57 views

EulerOS 2.0 SP10 : samba (EulerOS-SA-2022-1258)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over t...

9CVSS6.7AI score0.02025EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2022/02/21 2:30 p.m.7 views

CVE-2022-0564

A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow the attacker to compare the response time...

5.3CVSS6.1AI score0.01356EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2022/02/21 12:0 a.m.11 views

PT-2022-13264 · Qlik · Qlik Sense Enterprise

Name of the Vulnerable Software and Affected Versions: Qlik Sense Enterprise on Windows affected versions not specified Description: A vulnerability in Qlik Sense Enterprise on Windows could allow a remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by...

5.3CVSS5.2AI score0.01356EPSS
Exploits0References6
NVD
NVD
added 2022/02/18 6:15 p.m.23 views

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation...

8.5CVSS0.01612EPSS
Exploits0References3
OSV
OSV
added 2022/02/18 6:15 p.m.4 views

ALPINE-CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation...

8.1CVSS6.2AI score0.01612EPSS
Exploits0References1
Rows per page
Query Builder