Lucene search
+L

214 matches found

CNNVD
CNNVD
added 2024/08/13 12:0 a.m.5 views

Mitel MiVoice MX-ONE 安全漏洞

Mitel MiVoice MX-ONE is a complete communications solution from Mitel Canada. A security vulnerability exists in Mitel MiVoice MX-ONE version 7.6 SP1 and prior versions, which stems from a Permission Modification Improperity vulnerability in the Provisioning Manager component that could allow an...

8.8CVSS6.7AI score0.00492EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/29 12:0 a.m.5 views

PT-2024-6692 · Mitel · Mitel Mivoice Mx-One

Name of the Vulnerable Software and Affected Versions: Mitel MiVoice MX-ONE versions through 7.6 SP1 Description: The provisioning manager component of Mitel MiVoice MX-ONE could allow an authenticated attacker to conduct an authentication bypass attack due to improper access control. A successfu...

8.8CVSS7.2AI score0.00492EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2022/09/08 10:15 p.m.3 views

CVE-2022-40280

An issue was discovered in Samsung TizenRT through 3.0GBM and 3.1PRE. createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3close after sqlite3openv2, leading to a denial of service...

7.5CVSS7.2AI score0.00988EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/03 9:10 p.m.10 views

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect Tivoli Provisioning Manager for OS Deployment shipped with IBM Systems Director Editions.

Summary IBM Tivoli Provisioning Manager for OS Deployment is shipped as a component of IBM Systems Director Editions. Information about a security vulnerability affecting IBM Tivoli Provisioning Manager for OS Deployment has been published in a security bulletin. Vulnerability Details Please...

0.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/03 9:10 p.m.9 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect Tivoli Provisioning Manager for OS Deployment shipped with IBM Systems Director Editions.

Summary IBM Tivoli Provisioning Manager for OS Deployment is shipped as a component of IBM Systems Director Editions. Information about a security vulnerability affecting IBM Tivoli Provisioning Manager for OS Deployment has been published in a security bulletin. Vulnerability Details Please...

0.9AI score
Exploits0Affected Software1
OSV
OSV
added 2021/07/22 7:15 p.m.3 views

CVE-2021-31581

The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...

4.4CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2021/07/22 7:15 p.m.30 views

CVE-2021-31580

The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...

10CVSS0.03023EPSS
Exploits1References1
NVD
NVD
added 2021/07/22 7:15 p.m.33 views

CVE-2021-31581

The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...

7.9CVSS0.01217EPSS
Exploits1References1
Prion
Prion
added 2021/07/22 7:15 p.m.20 views

Authentication flaw

The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...

10CVSS9.2AI score0.03023EPSS
Exploits1References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2021/07/22 7:15 p.m.2 views

CVE-2021-31581

The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...

7.9CVSS6.1AI score0.01217EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2021/07/22 7:15 p.m.22 views

Design/Logic Flaw

The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...

2.1CVSS4.8AI score0.01217EPSS
Exploits1References1Affected Software2
CVE
CVE
added 2021/07/22 6:27 p.m.139 views

CVE-2021-31581

CVE-2021-31581 affects Akkadian Provisioning Manager Engine (PME)/Appliance Manager. The vulnerability arises from a restricted shell that can be escaped by abusing the Edit MySQL Configuration flow, which drops the user into a vi editor interface and allows shell escapes. This leads to informati...

7.9CVSS5.1AI score0.01217EPSS
Exploits1References1Affected Software2
Cvelist
Cvelist
added 2021/07/22 6:27 p.m.31 views

CVE-2021-31581 Akkadian Provisioning Manager Engine (PME) Shell Escape via 'vi' editor interface

The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...

7.9CVSS7.9AI score0.01217EPSS
Exploits1References1
CVE
CVE
added 2021/07/22 6:27 p.m.73 views

CVE-2021-31580

CVE-2021-31580 affects Akkadian Provisioning Manager Engine (PME) and related components, where the OpenSSH channel can be switched from shell to exec, causing a bypass of the restricted shell and enabling command execution within a bash context. The root cause is a misconfigured restricted shell...

10CVSS9.1AI score0.03023EPSS
Exploits1References1Affected Software2
Cvelist
Cvelist
added 2021/07/22 6:27 p.m.26 views

CVE-2021-31580 Akkadian Provisioning Manager Engine (PME) Shell Escape via 'exec' command

The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...

8.7CVSS9.5AI score0.03023EPSS
Exploits1References1
CVE
CVE
added 2021/07/22 6:27 p.m.63 views

CVE-2021-31579

CVE-2021-31579 affects Akkadian Provisioning Manager Engine (PME) where a hard-coded credential (akkadianuser:haakkadianpassword) exists. Exploitation can enable root-level shell access when combined with other issues (CVE-2021-31580/81) and, in some contexts, expose sensitive data (CVE-2021-3158...

9.8CVSS8.9AI score0.01283EPSS
Exploits1References1Affected Software2
Cvelist
Cvelist
added 2021/07/22 6:27 p.m.35 views

CVE-2021-31579 Akkadian Provisioning Manager Engine (PME) Hard-Coded Credentials

Akkadian Provisioning Manager Engine PME ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning Manager 5.0.2 and later, and Akkadian Appliance Manager 3.3.0.314-4a349e0 and later...

8.2CVSS9.5AI score0.01283EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/07/22 12:0 a.m.6 views

Akkadian Provisioning Manager操作系统命令注入漏洞

Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. An operating system command injection vulnerability exists in the Akkadian Provisioning Manager Engine PME that allows an unauthorized attacker to have root-lev...

10CVSS8.5AI score0.03023EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/22 12:0 a.m.4 views

Akkadian Provisioning Manager 信任管理问题漏洞

Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. A trust management issue vulnerability exists in Akkadian Provisioning Manager Engine PME that allows an unauthorized attacker to have root-level shell access t...

9.8CVSS8.4AI score0.01283EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/22 12:0 a.m.5 views

Akkadian Provisioning Manager 安全漏洞

Akkadian Provisioning Manager is a provisioning solution from Akkadian USA for new integrations for more robust provisioning automation. A security vulnerability exists in the Akkadian Provisioning Manager Engine PME that allows an unauthorized attacker to have root-level shell access to affected...

7.9CVSS5.2AI score0.01217EPSS
Exploits1References2
Rows per page
Query Builder