Lucene search
K

45 matches found

Prion
Prion
added 2024/01/11 2:15 p.m.22 views

Code injection

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

4.3CVSS7AI score0.00309EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2024/01/11 2:15 p.m.23 views

Code injection

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

4.6CVSS7AI score0.00186EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2024/01/11 2:15 p.m.19 views

Design/Logic Flaw

ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."...

2.1CVSS7.1AI score0.00286EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2024/01/11 2:15 p.m.19 views

Code injection

In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

4.3CVSS7.5AI score0.00286EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.25 views

CVE-2023-50159

In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

8.9AI score0.00286EPSS
Exploits1References3
CVE
CVE
added 2024/01/11 12:0 a.m.42 views

CVE-2023-50159

ScaleFusion (Windows Desktop App) agent 10.5.2 is affected by a kiosk-mode bypass vulnerability that can lead to arbitrary code execution. The issue is mitigated in version 10.5.7 by preventing the launching of File Explorer within Agent-based Multi-App and Single App Kiosk modes. CVSS v3.1 metri...

8.8CVSS8.6AI score0.00286EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.5 views

ScaleFusion Security Vulnerabilities

ScaleFusion is a mobile device management and unified endpoint management application from ScaleFusion. A security vulnerability exists in Scalefusion kiosk version 10.5.2 that originates from the ability to bypass Kiosk mode application restrictions to execute arbitrary code...

8.8CVSS7.3AI score0.00286EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.25 views

CVE-2023-51749

ScaleFusion 10.5.2 does not properly limit users to the Edge application because a search can be made from a tooltip. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."...

8.8AI score0.00309EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.4 views

Scalefusion kiosk security vulnerability

ScaleFusion is a mobile device management and unified endpoint management application from ScaleFusion. A security vulnerability exists in the Scalefusion kiosk version 10.5.2, which originates from a searchable tooltip and results in the inability to properly restrict users from using the Edge...

8.8CVSS6.7AI score0.00309EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.32 views

CVE-2023-51748

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

8.7AI score0.00309EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.5 views

Scalefusion kiosk security vulnerability

ScaleFusion is a mobile device management and unified endpoint management application from ScaleFusion. A security vulnerability exists in the Scalefusion kiosk version 10.5.2, which stems from the ability to use Alt-F4, resulting in the inability to properly restrict users from using the Edge...

7.3CVSS6.7AI score0.00186EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.3 views

Scalefusion kiosk security vulnerability

ScaleFusion is a mobile device management and unified endpoint management application from ScaleFusion. A security vulnerability exists in the Scalefusion kiosk version 10.5.2 that stems from the ability to use Ctrl-O and Ctrl-S, resulting in the inability to properly restrict users from using th...

8.8CVSS6.7AI score0.00309EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/01/11 12:0 a.m.3 views

CVE-2023-51748

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

8.6AI score0.00309EPSS
Exploits1References3
CVE
CVE
added 2024/01/11 12:0 a.m.48 views

CVE-2023-51751

ScaleFusion (Scalefusion) kiosk vulnerability CVE-2023-51751: in version 10.5.2, users are not properly limited to the Edge application and can use Alt-F4 to escape the restricted Edge environment. The issue affects the Agent-based Multi-App and Single App Kiosk modes, enabling access beyond the ...

7.3CVSS6.4AI score0.00186EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.32 views

CVE-2023-51750

ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."...

5.1AI score0.00286EPSS
Exploits0References3
CVE
CVE
added 2024/01/11 12:0 a.m.43 views

CVE-2023-51748

ScaleFusion 10.5.2 is affected by a kiosk-mode security issue where Ctrl-O and Ctrl-S can bypass the Edge application restriction, potentially exposing the isolated environment. Root cause: insufficient access control in Scalefusion MDM Agent allowing users to access the file explorer. The issue ...

8.8CVSS8.4AI score0.00309EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.4 views

Scalefusion kiosk security vulnerability

ScaleFusion is a mobile device management and unified endpoint management application from ScaleFusion. A security vulnerability exists in the Scalefusion kiosk version 10.5.2, which stems from a file download that may occur, resulting in the inability to properly restrict users from using the Ed...

4.6CVSS6.8AI score0.00286EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/01/11 12:0 a.m.10 views

CVE-2023-51751

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

6.7AI score0.00186EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.35 views

CVE-2023-51751

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

6.7AI score0.00186EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/11 12:0 a.m.9 views

CVE-2023-51750

ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."...

6.8AI score0.00286EPSS
Exploits0References3
Rows per page
Query Builder