CVE-2020-5333

The CVE-2020-5333 entry concerns RSA Archer before version 6.7 P3 (6.7.0.3) and before 6.6 P6 (6.6.0.6), which contains an authorization bypass vulnerability in the REST API. A remote authenticated Archer user could potentially view unauthorized information due to this flaw. Connected sources cor...

CVE-2020-5333

RSA Archer, versions prior to 6.7 P3 6.7.0.3, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to view unauthorized information...

CVE-2020-11671

Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default...

CVE-2020-11671

Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default...

Design/Logic Flaw

Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default...

CVE-2020-11671

Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default...

CVE-2020-11671

The CVE-2020-11671 entry concerns TeamPass: lack of authorization controls in REST API functions in TeamPass 2.1.27.36 and earlier allows any user with a valid API token to become an administrator and read/modify all passwords via api/index.php REST API calls. The impact is elevated privileges an...

Access to all question drafts in private spaces via API

h3. Issue Summary Questions leak information through private space https://asecurityteam.atlassian.net/browse/BOUNTY-2559 h3. Steps to Reproduce Access to questions in spaces is limited to those users that have access to the space. However, question drafts in a restricted space can be accessed by...

CVE-2020-12477

The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function...

Design/Logic Flaw

The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function...

CVE-2020-12477

The vulnerability CVE-2020-12477 affects TeamPass 2.1.27.36: the REST API allows any user with a valid API token to bypass IP address whitelisting by manipulating the X-Forwarded-For header when calling the getIp function. Multiple connected sources (Red Hat, Veracode, OSV, CNVD/CNVD-2020-27440, ...

CVE-2020-12477

The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function...

How to Reset Password in Veeam Backup for Microsoft Azure Appliance

Purpose This article documents methods to reset the password of the Veeam Backup for Microsoft Azure service account. Solution Reset Password via The Microsoft Azure portal 1. Open the Microsoft Azure portal. 2. Log in using your Microsoft Azure credentials. 3. Select the virtual machine with Vee...

Acronis: anti_ransomware_service.exe REST API does not require authentication

antiransomwareservice.exe exposes a REST API that can be used by everyone, even unprivileged users. This API is used to communicate from the Acronis True Image 2020 GUI to the antiransomwareservice.exe. This can be exploited to add an arbitary malicious executable to the whitelist or even exclude...

Acronis: Local Privilege Escalation in anti_ransomware_service.exe via quarantine

antiransomwareservice.exe includes a functionality to quarantine files which will copy the suspected ransomware file from one directory to another using SYSTEM privileges. As any unprivileged user has write permissions in the quarantine folder, it is possible to control this privileged write with...

REST API for Add user to group returns error 400 instead of 404 when the user does not exist

h3. Issue Summary REST API for Add user to group returns error 400 instead of 404 when the user does not exist. According to the documentation of JIRA 8.5.3|https://docs.atlassian.com/software/jira/docs/api/REST/8.5.3/api/2/group-addUserToGroup when the user or group does not exist, an error 404...

Cisco UCS Director and Cisco UCS Director Express for Big Data Multiple Vuulnerabilities (cisco-sa-ucsd-mult-vulns-UNfpdW4E)

According to its self-reported version, the remote host is running a version of Cisco UCS Director that is affected by multiple vulnerabilities in the REST API which allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device, including the...

Pwndrop - Self-Deployable File Hosting Service For Red Teamers, Allowing To Easily Upload And Share Payloads Over HTTP And WebDAV

pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV. If you've ever needed to quickly set up an nginx/apache web server to host your files and you were never happy with the limitations of python -m...

Information disclosure in the /rest/jira-ril/1.0/jira-rest/applinks resource in the crucible-jira-ril plugin - CVE-2020-4017

The /rest/jira-ril/1.0/jira-rest/applinks resource in the crucible-jira-ril plugin in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to get information about any configured Jira application links via an information disclosure vulnerability...

Cisco UCS Director and Cisco UCS Director Express for Big Data Path Traversal Vulnerability (CNVD-2020-25349)

Cisco UCS Director and Cisco UCS Director Express for Big Data are both products from Cisco, Inc. Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Cisco UCS Director is a heterogeneous platform for private cloud infrastructure-as-a-service IaaS. A...