214 matches found
Mitel MiVoice MX-ONE 安全漏洞
Mitel MiVoice MX-ONE is a complete communications solution from Mitel Canada. A security vulnerability exists in Mitel MiVoice MX-ONE version 7.6 SP1 and prior versions, which stems from a Permission Modification Improperity vulnerability in the Provisioning Manager component that could allow an...
PT-2024-6692 · Mitel · Mitel Mivoice Mx-One
Name of the Vulnerable Software and Affected Versions: Mitel MiVoice MX-ONE versions through 7.6 SP1 Description: The provisioning manager component of Mitel MiVoice MX-ONE could allow an authenticated attacker to conduct an authentication bypass attack due to improper access control. A successfu...
CVE-2022-40280
An issue was discovered in Samsung TizenRT through 3.0GBM and 3.1PRE. createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3close after sqlite3openv2, leading to a denial of service...
Security Bulletin: Multiple Vulnerabilities in OpenSSL affect Tivoli Provisioning Manager for OS Deployment shipped with IBM Systems Director Editions.
Summary IBM Tivoli Provisioning Manager for OS Deployment is shipped as a component of IBM Systems Director Editions. Information about a security vulnerability affecting IBM Tivoli Provisioning Manager for OS Deployment has been published in a security bulletin. Vulnerability Details Please...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect Tivoli Provisioning Manager for OS Deployment shipped with IBM Systems Director Editions.
Summary IBM Tivoli Provisioning Manager for OS Deployment is shipped as a component of IBM Systems Director Editions. Information about a security vulnerability affecting IBM Tivoli Provisioning Manager for OS Deployment has been published in a security bulletin. Vulnerability Details Please...
CVE-2021-31581
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...
CVE-2021-31580
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...
CVE-2021-31581
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...
Authentication flaw
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...
CVE-2021-31581
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...
Design/Logic Flaw
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...
CVE-2021-31581
CVE-2021-31581 affects Akkadian Provisioning Manager Engine (PME)/Appliance Manager. The vulnerability arises from a restricted shell that can be escaped by abusing the Edit MySQL Configuration flow, which drops the user into a vi editor interface and allows shell escapes. This leads to informati...
CVE-2021-31581 Akkadian Provisioning Manager Engine (PME) Shell Escape via 'vi' editor interface
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...
CVE-2021-31580
CVE-2021-31580 affects Akkadian Provisioning Manager Engine (PME) and related components, where the OpenSSH channel can be switched from shell to exec, causing a bypass of the restricted shell and enabling command execution within a bash context. The root cause is a misconfigured restricted shell...
CVE-2021-31580 Akkadian Provisioning Manager Engine (PME) Shell Escape via 'exec' command
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...
CVE-2021-31579
CVE-2021-31579 affects Akkadian Provisioning Manager Engine (PME) where a hard-coded credential (akkadianuser:haakkadianpassword) exists. Exploitation can enable root-level shell access when combined with other issues (CVE-2021-31580/81) and, in some contexts, expose sensitive data (CVE-2021-3158...
CVE-2021-31579 Akkadian Provisioning Manager Engine (PME) Hard-Coded Credentials
Akkadian Provisioning Manager Engine PME ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning Manager 5.0.2 and later, and Akkadian Appliance Manager 3.3.0.314-4a349e0 and later...
Akkadian Provisioning Manager操作系统命令注入漏洞
Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. An operating system command injection vulnerability exists in the Akkadian Provisioning Manager Engine PME that allows an unauthorized attacker to have root-lev...
Akkadian Provisioning Manager 信任管理问题漏洞
Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. A trust management issue vulnerability exists in Akkadian Provisioning Manager Engine PME that allows an unauthorized attacker to have root-level shell access t...
Akkadian Provisioning Manager 安全漏洞
Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. A security vulnerability exists in the Akkadian Provisioning Manager Engine PME that allows an unauthorized attacker to have root-level shell access to affected...