Lucene search
K

168 matches found

Positive Technologies
Positive Technologies
added 2024/05/09 12:0 a.m.9 views

PT-2024-5328 · Dell · Dell Edge Gateway Bios

Name of the Vulnerable Software and Affected Versions: Dell Edge Gateway BIOS versions 3200 and 5200 Description: The issue is related to an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to exposu...

5.7CVSS7.9AI score0.00165EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2023/10/25 12:0 a.m.5 views

The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibility and Reporting (AVR), BIG-IP Camer-Grade NAT (CGNAT), BIG-IP DDos Hybrid Defender, BIG-IP Domain Name System, BIG-IP Edge Gateway, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Inforcement Manager, BIG-IP SSL Orchestrator, BIG-IP Webaccelerator, and BIG-IP WebSafe, when running on the BIG-IP TMOS Shel operating system, allow attackers to expose the protected information.

The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibili...

4.4CVSS5.5AI score0.00175EPSS
Exploits0References3Affected Software19
BDU FSTEC
BDU FSTEC
added 2023/10/25 12:0 a.m.8 views

The vulnerabilities of the BIG-IP Access Policy Manager, as well as the associated software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibility and Reporting (AVR), BIG-IP Camer-Grade NAT (CGNAT), BIG-IP DDos Hybrid Defender, BIG-IP Domain Name System, BIG-IP Edge Gateway, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Inforcement Manager, BIG-IP SSL Orchestrator, BIG-IP Webaccelerator, and BIG-IP WebSafe, are related to memory leak-related errors, allowing attackers to trigger service interruptions.

The vulnerabilities of the BIG-IP Access Policy Manager, as well as of software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibili...

7.8CVSS7.3AI score0.00538EPSS
Exploits0References3Affected Software20
OSV
OSV
added 2023/09/14 7:16 p.m.4 views

CVE-2023-39285

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an unauthenticated attacker to perform a Cross Site Request Forgery CSRF attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modifi...

4.3CVSS5.8AI score0.00233EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/09/14 7:16 p.m.6 views

CVE-2023-39285

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an unauthenticated attacker to perform a Cross Site Request Forgery CSRF attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modifi...

4.3CVSS5.8AI score0.00233EPSS
Exploits0References2
NVD
NVD
added 2023/09/14 7:16 p.m.21 views

CVE-2023-39285

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an unauthenticated attacker to perform a Cross Site Request Forgery CSRF attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modifi...

4.3CVSS4.7AI score0.00233EPSS
Exploits0References1
Prion
Prion
added 2023/09/14 7:16 p.m.18 views

Cross site request forgery (csrf)

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an unauthenticated attacker to perform a Cross Site Request Forgery CSRF attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modifi...

4.3CVSS4.8AI score0.00233EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/14 12:0 a.m.12 views

CVE-2023-39285

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an unauthenticated attacker to perform a Cross Site Request Forgery CSRF attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modifi...

7AI score0.00233EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/14 12:0 a.m.4 views

PT-2023-26867 · Mitel · Mitel Mivoice Connect

Name of the Vulnerable Software and Affected Versions: Mitel MiVoice Connect versions through 19.3 SP3 22.24.5800.0 Description: A vulnerability in the Edge Gateway component could allow an unauthenticated attacker to perform a Cross Site Request Forgery CSRF attack due to insufficient request...

4.3CVSS4.7AI score0.00233EPSS
Exploits0References3
CVE
CVE
added 2023/09/14 12:0 a.m.42 views

CVE-2023-39285

CVE-2023-39285 affects Mitel MiVoice Connect, Edge Gateway component, up to version 19.3 SP3 (22.24.5800.0). The vulnerability is a CSRF due to insufficient request validation, allowing an unauthenticated attacker to provide a modified URL and potentially modify system configuration settings. Con...

4.3CVSS4.7AI score0.00233EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/14 12:0 a.m.31 views

CVE-2023-39285

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an unauthenticated attacker to perform a Cross Site Request Forgery CSRF attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modifi...

5AI score0.00233EPSS
Exploits0References1
NVD
NVD
added 2023/08/25 10:15 p.m.27 views

CVE-2023-39290

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view syst...

4.9CVSS4.8AI score0.0046EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/08/25 10:15 p.m.3 views

CVE-2023-39290

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view syst...

4.9CVSS5.8AI score0.0046EPSS
Exploits0References3
OSV
OSV
added 2023/08/25 10:15 p.m.8 views

CVE-2023-39290

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view syst...

4.9CVSS5.8AI score0.0046EPSS
Exploits0References2
NVD
NVD
added 2023/08/25 10:15 p.m.22 views

CVE-2023-39287

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit...

5.5CVSS5.6AI score0.00509EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/08/25 10:15 p.m.5 views

CVE-2023-39287

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit...

5.5CVSS6AI score0.00509EPSS
Exploits0References3
OSV
OSV
added 2023/08/25 10:15 p.m.5 views

CVE-2023-39287

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit...

5.5CVSS5.8AI score0.00509EPSS
Exploits0References2
Prion
Prion
added 2023/08/25 10:15 p.m.16 views

Design/Logic Flaw

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit...

4.7CVSS5.6AI score0.00509EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/25 10:15 p.m.21 views

Information disclosure

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view syst...

3.3CVSS4.8AI score0.0046EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/25 12:0 a.m.13 views

CVE-2023-39287

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 22.24.5800.0 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit...

6.8AI score0.00509EPSS
Exploits0References2
Rows per page
Query Builder