Lucene search
+L

77 matches found

ATTACKERKB
ATTACKERKB
added 2021/12/01 1:15 a.m.4 views

CVE-2021-40809

An issue was discovered in Jamf Pro before 10.32.0, aka PI-009921. An account can be granted incorrect privileges in response to authentication that uses specific sign-on workflows...

8.8CVSS7.3AI score0.01432EPSS
Exploits1References4
Prion
Prion
added 2021/12/01 1:15 a.m.16 views

Authentication flaw

An issue was discovered in Jamf Pro before 10.32.0, aka PI-009921. An account can be granted incorrect privileges in response to authentication that uses specific sign-on workflows...

6.5CVSS8.7AI score0.01432EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/12/01 12:10 a.m.37 views

CVE-2021-40809

An issue was discovered in Jamf Pro before 10.32.0, aka PI-009921. An account can be granted incorrect privileges in response to authentication that uses specific sign-on workflows...

9AI score0.01432EPSS
Exploits1References3
CVE
CVE
added 2021/12/01 12:10 a.m.50 views

CVE-2021-40809

CVE-2021-40809 : Jamf Pro before 10.32.0 is affected by an authentication-related privilege escalation where an account can be granted incorrect privileges in response to certain sign-on workflows. This is a real vulnerability affecting Jamf Pro prior to 10.32.0; remediation is to upgrade to Jamf...

8.8CVSS8.7AI score0.01432EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2021/12/01 12:0 a.m.7 views

JAMF Jamf Pro 代码问题漏洞

JAMF Jamf Pro is an Apple device management solution from Jamf America JAMF. A security vulnerability exists in Jamf Pro that stems from an issue discovered in Jamf Pro prior to 10.32.0, PI-009921, where incorrect privileges may be granted to an account in response to authentication using a...

8.8CVSS7.9AI score0.01432EPSS
Exploits1References5
OSV
OSV
added 2021/11/12 9:15 p.m.4 views

CVE-2021-39303

The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. NOTE: Jamf Nation will also publish an article about this vulnerability...

9.8CVSS7.3AI score0.0167EPSS
Exploits1References4
NVD
NVD
added 2021/11/12 9:15 p.m.21 views

CVE-2021-39303

The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. NOTE: Jamf Nation will also publish an article about this vulnerability...

9.8CVSS0.0167EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2021/11/12 9:15 p.m.4 views

CVE-2021-39303

The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. NOTE: Jamf Nation will also publish an article about this vulnerability...

9.8CVSS7.2AI score0.0167EPSS
Exploits1References5
Prion
Prion
added 2021/11/12 9:15 p.m.12 views

Server side request forgery (ssrf)

The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. NOTE: Jamf Nation will also publish an article about this vulnerability...

7.5CVSS9.4AI score0.0167EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2021/11/12 8:36 p.m.23 views

CVE-2021-39303

The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka PI-006352. NOTE: Jamf Nation will also publish an article about this vulnerability...

9.7AI score0.0167EPSS
Exploits1References4
CVE
CVE
added 2021/11/12 8:36 p.m.63 views

CVE-2021-39303

The CVE-2021-39303 entry concerns a server-side request forgery (SSRF) in the Jamf Pro server prior to 10.32.0 (PI-006352). Multiple sources identify the affected product as Jamf Pro and confirm the vulnerability exists on the server before the 10.32.0 release. The CVSS data in the NVD entry show...

9.8CVSS9.3AI score0.0167EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2021/11/12 12:0 a.m.7 views

JAMF Jamf Pro 代码问题漏洞

JAMF Jamf Pro is an Apple device management solution from Jamf America JAMF. A security vulnerability exists in Jamf Pro versions prior to 10.32.0. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor's announcement...

9.8CVSS8.2AI score0.0167EPSS
Exploits1References6
NVD
NVD
added 2021/07/12 11:15 a.m.28 views

CVE-2021-35037

Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. An attacker may craft a URL that appears to be for a customer's Jamf Pro instance, but when clicked will forward a user to an arbitrary URL that may b...

6.1CVSS0.00587EPSS
Exploits0References2
OSV
OSV
added 2021/07/12 11:15 a.m.4 views

CVE-2021-35037

Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. An attacker may craft a URL that appears to be for a customer's Jamf Pro instance, but when clicked will forward a user to an arbitrary URL that may b...

6.1CVSS5.8AI score0.00587EPSS
Exploits0References2
Prion
Prion
added 2021/07/12 11:15 a.m.14 views

Open redirect

Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. An attacker may craft a URL that appears to be for a customer's Jamf Pro instance, but when clicked will forward a user to an arbitrary URL that may b...

5.8CVSS6.2AI score0.00587EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/12 10:56 a.m.27 views

CVE-2021-35037

Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. An attacker may craft a URL that appears to be for a customer's Jamf Pro instance, but when clicked will forward a user to an arbitrary URL that may b...

6.4AI score0.00587EPSS
Exploits0References2
CVE
CVE
added 2021/07/12 10:56 a.m.100 views

CVE-2021-35037

The CVE refers to Jamf Pro before version 10.30.1 with an unvalidated/unauthorized URL redirect vulnerability in on‑premises deployments. The underlying issue is an unvalidated URL in Jamf Pro that can cause a user to be redirected to an arbitrary, potentially malicious URL when a crafted link is...

6.1CVSS6.2AI score0.00587EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/07/12 12:0 a.m.8 views

JAMF Jamf Pro 输入验证错误漏洞

JAMF Jamf Pro is an Apple device management solution from Jamf America JAMF. An input validation error vulnerability exists in versions of Jamf Pro prior to 10.30.1 that allows unauthenticated URL redirection to affect Jamf Pro customers in locally hosted environments...

6.1CVSS6.2AI score0.00587EPSS
Exploits0References3
CNVD
CNVD
added 2021/04/06 12:0 a.m.9 views

Jamf Pro Cross-Site Scripting Vulnerability

Jamf Pro is comprehensive enterprise management software for the Apple platform that simplifies IT management for Mac, iPad, iPhone and Apple TV. A cross-site scripting vulnerability exists in "Inventory History" in Jamf Pro versions prior to 10.28.0. No details of the vulnerability are available...

6.1CVSS5.9AI score0.00588EPSS
Exploits0References1
NVD
NVD
added 2021/04/02 8:15 p.m.20 views

CVE-2021-30125

Jamf Pro before 10.28.0 allows XSS related to inventory history, aka PI-009376...

6.1CVSS0.00588EPSS
Exploits0References1
Rows per page
Query Builder