59 matches found
CVE-2024-50616
Ironman PowerShell Universal 5.x before 5.0.12 allows an authenticated attacker to elevate their privileges and view job information...
CVE-2024-50616
Ironman PowerShell Universal 5.x before 5.0.12 allows an authenticated attacker to elevate their privileges and view job information...
Ironman PowerShell Universal 安全漏洞
Ironman PowerShell Universal is a single pane for managing and delegating access to automation environments from Ironman. A security vulnerability exists in Ironman PowerShell Universal version 5.x prior to 5.0.12, which originates from a vulnerability that allows an authenticated attacker to...
CVE-2024-50616
Ironman PowerShell Universal 5.x before 5.0.12 is affected. An authenticated attacker can elevate privileges and view job information. The issue originates from Ironman PowerShell Universal prior to version 5.0.12, with documented vulnerability across multiple sources (NVD/Red Hat/CVE lists). The...
PT-2024-34362 · Unknown · Ironman Powershell Universal
Name of the Vulnerable Software and Affected Versions: Ironman PowerShell Universal versions prior to 5.0.12 Description: The issue allows an authenticated attacker to elevate their privileges and view job information. Recommendations: For versions prior to 5.0.12, update to version 5.0.12 or lat...
CVE-2023-49213
The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1...
CVE-2023-49213
The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1...
Design/Logic Flaw
The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to execute arbitrary commands via crafted HTTP requests if a param block is used, due to invalid sanitization of input strings. The fixed versions are 3.10.2, 4.1.10, and 4.2.1...
Ironman Software PowerShell Universal Security Vulnerability
Ironman Software PowerShell Universal is a single pane for managing and delegating access to automation environments from Ironman Software. A security vulnerability exists in Ironman Software PowerShell Universal versions 3.0.0 through 4.2.0, which stems from an invalid filtering of input strings...
CVE-2023-49213
The CVE-2023-49213 issue affects Ironman PowerShell Universal versions 3.0.0 through 4.2.0. The vulnerability arises from invalid sanitization of input strings in API endpoints, allowing remote attackers to execute arbitrary commands via crafted HTTP requests when a param block is used. Fixed ver...
CVE-2022-45184
The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...
CVE-2022-45183
Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6...
Privilege escalation
Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6...
CVE-2022-45184
The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...
Directory traversal
The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...
Ironman Software PowerShell Universal 安全漏洞
Ironman Software PowerShell Universal is a single pane for managing and delegating access to automation environments from Ironman Software. A security vulnerability exists in Ironman Software PowerShell Universal, which stems from a privilege escalation on a web server, that allows an attacker wi...
CVE-2022-45183
The CVE-2022-45183 vulnerability affects Ironman Software PowerShell Universal 2.x and 3.x Web Server and enables privilege escalation: an attacker possessing a valid app token can retrieve other app tokens by ID via an HTTP request. The issue is rated high (CVSS v3.1 base score 8.8) with network...
Ironman Software PowerShell Universal 路径遍历漏洞
Ironman Software PowerShell Universal is a single pane for managing and delegating access to automation environments from Ironman Software. A security vulnerability exists in Ironman Software PowerShell Universal that stems from a web server that allows directory traversal outside of the...
CVE-2022-45184
The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...