camel-http: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers

A flaw was found in the Apache Camel embedded HTTP server and embedded management server camel-platform-http-main. When authentication is enabled and a non-root context path is configured, the authentication handler incorrectly matches only the exact configured path, not its subpaths. This allows...

CVE-2026-40620

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

CVE-2026-40620 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

CVE-2026-40620

SenseLive X3050 is affected by a network‑accessible vulnerability in its embedded management service that permits full administrative control without authentication or authorization. The issue enables any reachable host using a vendor or compatible client to modify critical configuration paramete...

SenseLive X3050 访问控制错误漏洞

The SenseLive X3050 is a data collection and environmental monitoring device designed for IoT scenarios by SenseLive Corporation. The SenseLive X3050 has a access control vulnerability, which stems from the lack of authentication or authorization in the embedded management services. This...

Lenovo XClarity Controller 安全漏洞

Lenovo XClarity Controller Lenovo XCC is a server embedded management engine from Lenovo China. It is primarily used to standardize and automate basic server management tasks. A security vulnerability exists in Lenovo XClarity Controller, which stems from a specially constructed file upload that...

Lenovo XClarity Controller 安全漏洞

Lenovo XClarity Controller Lenovo XCC is a server-embedded management engine from Lenovo China that is used to standardize and automate basic server management tasks. A security vulnerability exists in Lenovo XClarity Controller. An attacker can exploit the vulnerability to elevate privileges...

The vulnerability of the vApp Manager component in corporate storage and data management systems like VMAX EMC Unisphere, EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, EMC VMAX Embedded Management allows a malicious actor to gain unauthorized access to the system.

The vulnerability of the vApp Manager component VMAX Virtual Appliance Manager in corporate storage and data management systems like VMAX EMC Unisphere, EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and EMC VMAX Embedded Management eManagement is related to the use of pre-installed...

CVE-2018-1215

An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...

CVE-2018-1216

A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...

CVE-2018-1215

An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...

Hardcoded credentials

A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...

CVE-2018-1216

A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management eManagement: Dell EMC Unisphere for VMAX Virtual Appliance versions prior to...

Vulnerability of EMC Unisphere for VMAX Virtual Appliance, EMC VMAX Embedded Management, EMC VASA Virtual Appliance, and EMC Solutions Enabler Virtual Appliance systems lies in their lack of access control mechanisms. This vulnerability allows attackers to bypass authentication procedures.

The vulnerabilities of EMC Unisphere for VMAX Virtual Appliance, EMC VMAX Embedded Management, EMC VASA Virtual Appliance, and EMC Solutions Enabler Virtual Appliance are related to deficiencies in access control. Exploiting these vulnerabilities could allow a malicious actor to bypass...

Authentication flaw

EMC Unisphere for VMAX Virtual Appliance vApp versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management eManagement versions prior to and including 1.4 Enginuity Release...

CVE-2017-14375

EMC Unisphere for VMAX Virtual Appliance vApp versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management eManagement versions prior to and including 1.4 Enginuity Release...

Design/Logic Flaw

Unspecified vulnerability in the embedded management console in HP iLO-2 Management Processors iLO-2 MP, as used in Integrity Servers rx2660, rx3600, and rx6600, and Integrity Blade Server model bl860c, allows remote attackers to cause a denial of service via unknown vectors...