CVE-2022-37108

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...

EUVD-2022-39761

Malicious code in bioql PyPI...

CVE-2022-37108

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...

CVE-2022-37108

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...

Design/Logic Flaw

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...

CVE-2022-37108

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...

CVE-2022-37108

Summary: CVE-2022-37108 is an injection vulnerability in the syslog-ng configuration wizard of Securonix Snypr 6.4. An application user with the Manage Ingesters permission can coerce remote ingesters to execute arbitrary code by appending text to system-executed files (e.g., crontab entries). Te...

PT-2022-23817 · Securonix +1 · Securonix Snypr +1

Name of the Vulnerable Software and Affected Versions: Securonix Snypr versions prior to 6.4 Jun 2022 R3 Description: An injection vulnerability in the syslog-ng configuration wizard allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by...

Securonix SNYPR 注入漏洞

Securonix SNYPR is an open, modular, next-generation security intelligence platform from Securonix, Inc. that combines log management, security information and events. A security vulnerability exists in Securonix SNYPR version 6.4, which stems from the syslog-ng configuration wizard that allows a...

CVE-2021-41385

The third party intelligence connector in Securonix SNYPR 6.3.1 Build 1842950302 allows an authenticated user to obtain access to server configuration details via SSRF...

CVE-2021-41385

The third party intelligence connector in Securonix SNYPR 6.3.1 Build 1842950302 allows an authenticated user to obtain access to server configuration details via SSRF...

CVE-2021-41385

The third party intelligence connector in Securonix SNYPR 6.3.1 Build 1842950302 allows an authenticated user to obtain access to server configuration details via SSRF...

Securonix SNYPR 代码问题漏洞

Securonix SNYPR is an open, modular, next-generation security intelligence platform from Securonix, Inc. that combines log management, security information and events. A security vulnerability exists in Securonix SNYPR 6.3.1 Build 1842950302, which stems from a third-party intelligent connector i...