Lucene search
K

161 matches found

Vulnrichment
Vulnrichment
added 2023/02/28 4:21 p.m.11 views

CVE-2023-0339 AM Web Policy Agent path traversal

Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1...

9.1CVSS9.5AI score0.00973EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/28 4:21 p.m.26 views

CVE-2023-0339 AM Web Policy Agent path traversal

Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1...

9.1CVSS9.6AI score0.00973EPSS
Exploits0References2
CVE
CVE
added 2023/02/28 4:21 p.m.79 views

CVE-2023-0339

CVE-2023-0339 is a Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent that allows authentication bypass. Affected: ForgeRock Access Management Web Policy Agent versions up to 5.10.1. Impact described as potential authentication bypass with high confidentiality/i...

9.8CVSS9.3AI score0.00973EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/02/28 12:0 a.m.4 views

ForgeRock Access Management 路径遍历漏洞

ForgeRock Access Management is a comprehensive, unified solution from ForgeRock USA designed to quickly enable a superior experience tailored to the unique needs of users and employees. A security vulnerability exists in ForgeRock Access Management Web Policy Agent version 5.10.1 and prior...

9.8CVSS8.5AI score0.00973EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/02/28 12:0 a.m.6 views

PT-2023-16321 · Forgerock · Forgerock Access Management Java Policy Agent

Name of the Vulnerable Software and Affected Versions: ForgeRock Access Management Java Policy Agent versions up to 5.10.1 Description: The issue is related to a Relative Path Traversal vulnerability that allows Authentication Bypass in the ForgeRock Access Management Java Policy Agent...

9.8CVSS9.1AI score0.00973EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/02/28 12:0 a.m.5 views

ForgeRock Access Management 路径遍历漏洞

ForgeRock Access Management is a comprehensive, unified solution from ForgeRock USA designed to quickly enable superior experiences tailored to the unique needs of users and employees. A security vulnerability exists in ForgeRock Access Management Java Policy Agent version 5.10.1 and prior...

9.8CVSS8.5AI score0.00973EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/28 12:0 a.m.10 views

PT-2023-16192 · Forgerock · Forgerock Access Management Web Policy Agent

Name of the Vulnerable Software and Affected Versions: ForgeRock Access Management Web Policy Agent versions up to 5.10.1 Description: The issue is related to a Relative Path Traversal vulnerability that allows Authentication Bypass in the ForgeRock Access Management Web Policy Agent...

9.8CVSS9.2AI score0.00973EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2022/12/06 11:0 a.m.72 views

Telecom and BPO Companies Under Attack by SIM Swapping Hackers

A persistent intrusion campaign has set its eyes on telecommunications and business process outsourcing BPO companies at lease since June 2022. "The end objective of this campaign appears to be to gain access to mobile carrier networks and, as evidenced in two investigations, perform SIM swapping...

10CVSS10AI score0.99999EPSS
Exploits8
Positive Technologies
Positive Technologies
added 2022/10/27 12:0 a.m.5 views

PT-2022-16789 · Forgerock · Access Management

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: An attacker can use unrestricted LDAP queries to determine configuration entries. Recommendations: At the moment, there is no information about a newer...

7.1CVSS6.3AI score0.00546EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/10/27 12:0 a.m.6 views

ForgeRock Access Management 安全漏洞

ForgeRock Access Management is a comprehensive, unified solution from ForgeRock USA designed to quickly enable superior experiences tailored to the unique needs of users and employees. A security vulnerability exists in ForgeRock Access Management. An attacker exploited the vulnerability to...

7.1CVSS6.6AI score0.00546EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2022/10/07 10:18 a.m.392 views

Exploit for Injection in Forgerock Openam

CVE-2021-29156 done right This Proof of Concept is realized b...

7.5CVSS7.6AI score0.76385EPSS
Exploits5
CNNVD
CNNVD
added 2022/09/19 12:0 a.m.3 views

ForgeRock LDAP connector 安全漏洞

The ForgeRock LDAP connector is a connector from ForgeRock USA, Inc. It enables you to integrate synchronization services with LDAP v3 servers. A security vulnerability exists in ForgeRock LDAP connector versions prior to 1.5.20.9, which stems from a vulnerability that allows unauthenticated acce...

9.8CVSS8.3AI score0.00545EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2022/04/22 11:43 a.m.115 views

Researcher Releases PoC for Recent Java Cryptographic Vulnerability

A proof-of-concept PoC code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 CVSS score: 7.5, impacts the following versions of Java SE and Oracle GraalVM Enterprise Edition - Oracle Java SE:...

7.5CVSS0.3AI score0.48235EPSS
Exploits6
NVD
NVD
added 2022/02/14 10:15 p.m.14 views

CVE-2021-4201

Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions prior to 7.1.1; 6.5 versions prior...

9.8CVSS0.01978EPSS
Exploits0References1
OSV
OSV
added 2022/02/14 10:15 p.m.0 views

CVE-2021-4201

Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions prior to 7.1.1; 6.5 versions prior...

9.8CVSS5.8AI score0.01978EPSS
Exploits0References1
Prion
Prion
added 2022/02/14 10:15 p.m.14 views

Improper access control

Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions prior to 7.1.1; 6.5 versions prior...

7.5CVSS9.4AI score0.01978EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/02/14 9:4 p.m.21 views

CVE-2021-4201 Pre-authentication session hijacking

Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions prior to 7.1.1; 6.5 versions prior...

9.6CVSS9.7AI score0.01978EPSS
Exploits0References1
CVE
CVE
added 2022/02/14 9:4 p.m.113 views

CVE-2021-4201

CVE-2021-4201 describes a missing access control in ForgeRock Access Management, affecting 7.1.x before 7.1.1 and 6.5.x before 6.5.4, plus all earlier versions. The issue allows remote unauthenticated attackers to hijack sessions, potentially including admin-level sessions. Connected sources corr...

9.8CVSS9.6AI score0.01978EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/02/14 12:0 a.m.6 views

ForgeRock Access Management授权问题漏洞

Forgerock ForgeRock Access Management is a comprehensive, unified solution from ForgeRock USA Forgerock designed to quickly enable a superior experience tailored to the unique needs of users and employees. A security vulnerability exists in ForgeRock Access Management 7.1.0, which stems from a la...

9.8CVSS8.3AI score0.01978EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2021/11/03 1:21 p.m.747 views

Exploit for Injection in Forgerock Openam

CVE-2021-29156 Proof-of-Concept c 2021 GuidePoint Security...

7.5CVSS7.5AI score0.76385EPSS
Exploits5
Rows per page
Query Builder