Lucene search
K

69 matches found

Rapid7 Blog
Rapid7 Blog
added 2021/09/02 3:44 p.m.182 views

Active Exploitation of Confluence Server & Confluence Data Center: CVE-2021-26084

This attack is ongoing. See the Updates section at the end of this post for new information as it comes to light. On August 25, 2021, Atlassian published details on CVE-2021-26084, a critical remote code execution vulnerability in Confluence Server and Confluence Data Center. The vulnerability...

7.5CVSS0.3AI score0.99999EPSS
Exploits45
Rapid7 Blog
Rapid7 Blog
added 2021/07/08 8:0 p.m.65 views

Apple Silicon Support on Insight Agent

We are pleased to announce the general availability of native support of Apple Silicon chips for the Rapid7 Insight Agent! The Insight Agent has been fully validated and tested to run on the new Apple Silicon systems natively, and does not require Rosetta 2 to install or operate. This ensures...

0.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/02/19 3:15 p.m.43 views

Take the Full-Stack Approach to Securing Your Modern Attack Surface

A growing remote-work culture demands a graduation in the approach to security. It’s time to test, monitor, secure, and extend to the application layer. A modern methodology for vulnerability management VM is vital for organizations looking to minimize attack surfaces by prioritizing potential...

0.4AI score
Exploits0
OSV
OSV
added 2019/07/13 1:15 a.m.4 views

CVE-2019-5629

Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by...

7.8CVSS7.1AI score0.00868EPSS
Exploits1References5
NVD
NVD
added 2019/07/13 1:15 a.m.26 views

CVE-2019-5629

Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by...

7.8CVSS7.6AI score0.00868EPSS
Exploits1References5
Prion
Prion
added 2019/07/13 1:15 a.m.12 views

Design/Logic Flaw

Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by...

7.2CVSS7.6AI score0.00868EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2019/07/13 12:15 a.m.327 views

CVE-2019-5629

Rapid7 Insight Agent (versions ≤ 2.6.3) is affected by a local privilege escalation due to an uncontrolled DLL search path. During startup, the Python interpreter attempts to load python3.dll from C:\DLLs\python3.dll, a path writable by locally authenticated users, enabling a malicious local user...

7.8CVSS7.5AI score0.00868EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2019/07/13 12:15 a.m.28 views

CVE-2019-5629

Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by...

7.8CVSS7.6AI score0.00868EPSS
Exploits1References5
CNVD
CNVD
added 2019/06/04 12:0 a.m.4 views

Rapid7's Windows InsightIDR Local Elevation of Privilege Vulnerability

Rapid7 Insight Agent is a lightweight software from Rapid7 USA. The software is capable of collecting data from IT assets. A security vulnerability exists in Rapid7 Insight Agent 2.6.3 and earlier versions. An attacker can exploit the vulnerability to elevate privileges to SYSTEM...

7.8CVSS6.8AI score0.00868EPSS
Exploits1References1
Rows per page
Query Builder