Lucene search
+L

310 matches found

Veracode
Veracode
added 2024/04/29 7:14 a.m.29 views

Open Redirect

github.com/portainer/portainer is vulnerable to Open Redirect. The vulnerability is due to improper validation of user-supplied URLs which allow redirects to arbitrary web pages not limited to index.yaml...

9.1CVSS6.8AI score0.00623EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2024/04/26 12:15 a.m.31 views

CVE-2024-33661

Portainer before 2.20.0 allows redirects when the target is not index.yaml...

9.1CVSS6.5AI score0.00623EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/25 12:0 a.m.9 views

PT-2024-4001 · Portainer +1 · Portainer +1

Name of the Vulnerable Software and Affected Versions: Portainer versions prior to 2.20.0 Description: The issue is related to the use of open redirects in the Portainer container management platform. This could allow an attacker to redirect a user to an arbitrary site. The problem is associated...

9.1CVSS9.5AI score0.00623EPSS
Exploits0References11
CVE
CVE
added 2024/04/25 12:0 a.m.103 views

CVE-2024-33661

CVE-2024-33661 affects Portainer prior to 2.20.0, allowing open redirects when the target is not index.yaml. Multiple sources (NVD/OSV/NVD mirrors, Red Hat, Veracode, PT Security) confirm that the vulnerability enables redirection to arbitrary sites, with PT Security additionally describing an SS...

9.1CVSS6.8AI score0.00623EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/04/25 12:0 a.m.41 views

CVE-2024-33661

Portainer before 2.20.0 allows redirects when the target is not index.yaml...

6.8AI score0.00623EPSS
Exploits0References4
OSV
OSV
added 2024/04/25 12:0 a.m.20 views

CVE-2024-33661

Portainer before 2.20.0 allows redirects when the target is not index.yaml...

9.1CVSS6.9AI score0.00623EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.8 views

Portainer 安全漏洞

Portainer is a lightweight user management interface for managing Docker environments and Docker hosts. A security vulnerability exists in Portainer versions prior to 2.20.0 that stems from allowing redirection when the target is not index.yaml...

9.1CVSS6.7AI score0.00623EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/25 12:0 a.m.17 views

CVE-2024-33661

Portainer before 2.20.0 allows redirects when the target is not index.yaml...

7.2AI score0.00623EPSS
Exploits0References4
NVD
NVD
added 2024/04/10 3:16 p.m.28 views

CVE-2024-29296

A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not...

5.3CVSS6.8AI score0.01242EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.5 views

Portainer 安全漏洞

Portainer is a lightweight user management interface for managing Docker environments and Docker hosts. A security vulnerability exists in Portainer CE version 2.19.4 that stems from the presence of a user enumeration vulnerability that could allow an unauthenticated remote user to determine if a...

5.3CVSS6.7AI score0.01242EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/04/10 12:0 a.m.41 views

CVE-2024-29296

A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not...

7.1AI score0.01242EPSS
Exploits2References1
CVE
CVE
added 2024/04/10 12:0 a.m.65 views

CVE-2024-29296

Portainer CE 2.19.4 is affected by a timing-based user enumeration vulnerability in the authentication flow, enabling remote unauthenticated actors to verify usernames. This is corroborated by Red Hat, OSV, CNNVD, and other sources; a PoC exists (GitHub). Remediation status is not clearly publish...

5.3CVSS7.1AI score0.01242EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/10 12:0 a.m.16 views

CVE-2024-29296

A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not...

7.2AI score0.01242EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/04/10 12:0 a.m.8 views

PT-2024-5801 · Unknown +1 · Portainer Ce +1

Name of the Vulnerable Software and Affected Versions: Portainer CE version 2.19.4 Description: A user enumeration issue is present in the user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not. This...

5.3CVSS6.5AI score0.01242EPSS
Exploits2References9
OSV
OSV
added 2024/04/10 12:0 a.m.9 views

CVE-2024-29296

A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not...

5.3CVSS7.4AI score0.01242EPSS
Exploits2References3
BDU FSTEC
BDU FSTEC
added 2023/01/13 12:0 a.m.7 views

The vulnerability of the Portainer container management platform lies in the incorrect limitation of the path name for the restricted access catalog, allowing attackers to upload arbitrary files into the system.

The vulnerability of the Portainer container management platform is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability allows a malicious actor to upload arbitrary files into the system remotely...

7.8CVSS7.3AI score0.01352EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/13 12:0 a.m.7 views

The vulnerability of the Portainer container management platform, related to deficiencies in the authentication process, allows a perpetrator to gain full access to the file system.

The vulnerability of the Portainer container management platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain full access to the host’s file system through the host management API...

9CVSS7.6AI score0.01036EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/13 12:0 a.m.8 views

The vulnerability of the Portainer container management platform, related to deficiencies in access control, allows a hacker to gain full access to the host’s file system.

The vulnerability of the Portainer container management platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full access to the host’s file system...

9.9CVSS7.8AI score0.01355EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/13 12:0 a.m.8 views

The vulnerability of the Role-Based Access Control (RBAC) function in the Portainer container management platform allows a perpetrator to disclose protected information.

The vulnerability of the Role-Based Access Control RBAC access control function in the Portainer container management platform is related to deficiencies in access restriction. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose sensitive information...

6.8CVSS6.5AI score0.0089EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/13 12:0 a.m.6 views

The vulnerability of the Portainer container management platform arises from the lack of measures taken to protect the website structure, allowing attackers to perform cross-site scripting attacks.

The vulnerability of the Portainer container management platform exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

5.5CVSS5.7AI score0.00516EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder