Lucene search
K

31 matches found

OSV
OSV
added 2022/09/28 8:15 p.m.5 views

UBUNTU-CVE-2022-3287

When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file...

6.5CVSS6.5AI score0.00619EPSS
Exploits0References3
CVE
CVE
added 2020/09/15 1:24 p.m.43 views

CVE-2020-16096

CVE-2020-16096 (Gallagher Command Centre) affects Gallagher Command Centre versions: 8.10 before 8.10.1134(MR4), 8.00 before 8.00.1161(MR5), 7.90 before 7.90.991(MR5), 7.80 before 7.80.960(MR2), and 7.70 and earlier. The issue allows any operator account to access data that would be replicated in...

9.9CVSS7.4AI score0.008EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/03/22 2:29 p.m.4 views

CVE-2017-0932

Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of validation on the input of the Feature functionality. An attacker with access to an operator read-only account and ssh connection to the devices could escalate privileg...

8.8CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2018/03/22 2:29 p.m.29 views

Privilege escalation

Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator read-only account could escalate privileges to admi...

9CVSS8.6AI score0.01303EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/03/22 2:29 p.m.3 views

CVE-2017-0934

Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator read-only account could escalate privileges to admin...

8.8CVSS5.8AI score0.01326EPSS
Exploits0References2
Prion
Prion
added 2018/03/22 2:29 p.m.14 views

Privilege escalation

Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator read-only account could escalate privileges to admin...

9CVSS8.6AI score0.01326EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/03/22 2:29 p.m.5 views

CVE-2017-0935

Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator read-only account could escalate privileges to admi...

8.8CVSS5.8AI score0.01303EPSS
Exploits0References2
Hacker One
Hacker One
added 2017/06/22 8:2 p.m.37 views

Ubiquiti Inc.: Privilege Escalation with Session Hijacking Having a Non-privileged Valid User

EdgeOS version 1.9.1.1 and prior, consequence of lack of protection if the file-system, exposing sensitive information, an attacker with access to an operator read-only account, can escalate privileges to admin root access in the system...

9CVSS8.3AI score0.01303EPSS
Exploits0
Hacker One
Hacker One
added 2017/06/17 4:55 p.m.32 views

Ubiquiti Inc.: Privilege Escalation: From operator to ubnt (and root) with non-interactive Session Hijacking

EdgeOS version 1.9.1 and prior, consequence of lack of protection if the file-system, exposing sensitive information, an attacker with access to an operator read-only account, can escalate privileges to admin root access in the system...

9CVSS8.3AI score0.01326EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/01/31 12:0 a.m.35 views

Default Password (profense) for 'operator' Account

The account 'operator' on the remote host has the password 'profense'. An attacker may leverage this to gain total control of the affected system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "operator"; password = "profense"; include'deprecatednasllevel.inc'; include'compat.inc...

7.5CVSS8.2AI score0.53618EPSS
Exploits41References1
securityvulns
securityvulns
added 2003/02/25 12:0 a.m.35 views

sircd buffer overflow

Buffer overflow on DNS resolution, default operator account of !@...

4.1AI score
Exploits0References1Affected Software1
Rows per page
Query Builder