Lucene search
K

119 matches found

Positive Technologies
Positive Technologies
added 2022/09/26 12:0 a.m.5 views

PT-2022-24838 · Mist · Mist

Name of the Vulnerable Software and Affected Versions: Mist versions prior to 0.9.5 Description: Mist is the command-line interface for the makedeb Package Repository. A user-provided sudo binary via the PATH variable can allow a local user to run arbitrary commands on the user's system with root...

8.4CVSS7.6AI score0.00226EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/09/26 12:0 a.m.7 views

Mist 代码问题漏洞

Mist is the official command line interface to the makedeb package repository, a makedeb open source. A code issue vulnerability exists in Mist 0.9.5 and earlier versions, which stems from a user-supplied sudo binary via the PATH variable that allows a local user to run arbitrary commands on the...

8.4CVSS7.7AI score0.00226EPSS
Exploits0References4
CNVD
CNVD
added 2020/10/27 12:0 a.m.3 views

Juniper Networks Mist Cloud UI Input Validation Error Vulnerability (CNVD-2020-64788)

Juniper Networks Mist Cloud is a Juniper Networks USA platform that simplifies cloud management and helps users prevent vendor and complexity lock-in. It provides cost and utilization reporting, RBAC, management, provisioning, orchestration, monitoring and automation for servers across public and...

7.2CVSS6.8AI score0.0042EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/19 12:0 a.m.1 views

Juniper Networks Mist Cloud UI Input Validation Error Vulnerability

Juniper Networks Mist Cloud is a Juniper Networks USA platform that simplifies cloud management and helps users prevent vendor and complexity lock-in. It provides cost and utilization reporting, RBAC, management, provisioning, orchestration, monitoring and automation for servers across public and...

7.2CVSS6.8AI score0.00876EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/19 12:0 a.m.2 views

Juniper Networks Mist Cloud UI Unauthorized Access Vulnerability

Juniper Networks Mist Cloud is a Juniper Networks USA platform that simplifies cloud management and helps users prevent vendor and complexity lock-in. It provides cost and utilization reporting, RBAC, management, provisioning, orchestration, monitoring and automation for servers across public and...

8.3CVSS6.8AI score0.00574EPSS
Exploits0References1
OSV
OSV
added 2020/10/16 9:15 p.m.5 views

CVE-2020-1675

When Security Assertion Markup Language SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. This issue affects all Juniper Networks Mist Cloud UI...

8.3CVSS5.8AI score0.00574EPSS
Exploits0References1
OSV
OSV
added 2020/10/16 9:15 p.m.3 views

CVE-2020-1676

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue affects all Juniper...

7.2CVSS7.1AI score
Exploits0References1
NVD
NVD
added 2020/10/16 9:15 p.m.16 views

CVE-2020-1677

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue...

7.2CVSS0.0042EPSS
Exploits0References1
NVD
NVD
added 2020/10/16 9:15 p.m.15 views

CVE-2020-1676

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue affects all Juniper...

7.2CVSS0.00876EPSS
Exploits0References1
NVD
NVD
added 2020/10/16 9:15 p.m.21 views

CVE-2020-1675

When Security Assertion Markup Language SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. This issue affects all Juniper Networks Mist Cloud UI...

8.3CVSS0.00574EPSS
Exploits0References1
Prion
Prion
added 2020/10/16 9:15 p.m.15 views

Authentication flaw

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue...

4.3CVSS7AI score0.0042EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/10/16 9:15 p.m.26 views

Authentication flaw

When Security Assertion Markup Language SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. This issue affects all Juniper Networks Mist Cloud UI...

4.3CVSS8.2AI score0.00574EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/10/16 8:31 p.m.52 views

CVE-2020-1677

The CVE-2020-1677 entry concerns Juniper Networks Mist Cloud UI where, when SAML authentication is enabled, the implementation may incorrectly process sub-elements in SAML responses. This could allow a remote attacker to modify a valid SAML response without invalidating its cryptographic signatur...

7.2CVSS7.1AI score0.0042EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/10/16 8:31 p.m.24 views

CVE-2020-1677 Juniper Networks Mist Cloud UI: SAML authentication attribute elements handling vulnerability.

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue...

7.2CVSS7.1AI score0.0042EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/16 8:31 p.m.27 views

CVE-2020-1675 Juniper Networks Mist Cloud UI: SAML authentication certificate vulnerability.

When Security Assertion Markup Language SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. This issue affects all Juniper Networks Mist Cloud UI...

8.3CVSS8.3AI score0.00574EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/16 8:31 p.m.20 views

CVE-2020-1676 Juniper Networks Mist Cloud UI: SAML authentication response handling vulnerability.

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue affects all Juniper...

7.2CVSS7.1AI score0.00876EPSS
Exploits0References1
CVE
CVE
added 2020/10/16 8:31 p.m.54 views

CVE-2020-1675

CVE-2020-1675 affects Juniper Networks Mist Cloud UI where, with SAML authentication enabled, invalid authentication certificates may be processed incorrectly, potentially allowing a network-based attacker to access unauthorized data. The issue affects Mist Cloud UI versions prior to September 2,...

8.3CVSS8.3AI score0.00574EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/10/16 8:31 p.m.46 views

CVE-2020-1676

Juniper Networks Mist Cloud UI suffers a SAML authentication handling vulnerability: when SAML is enabled, the UI may incorrectly process SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating the cryptographic signature and bypass SAML authentication cont...

7.2CVSS7.1AI score0.00876EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2018/07/20 9:53 p.m.8 views

mist-rain.gamerch.com XSS vulnerability

Open Bug Bounty ID: OBB-651278 Description| Value ---|--- Affected Website:| mist-rain.gamerch.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Rows per page
Query Builder