NEC EXPRESSCLUSTER X和NEC EXPRESSCLUSTER X SingleServerSafe 安全漏洞

NEC EXPRESSCLUSTER X and NEC EXPRESSCLUSTER X SingleServerSafe are both disaster recovery software from Nippon Electric NEC. A security vulnerability exists in NEC EXPRESSCLUSTER X and NEC EXPRESSCLUSTER X SingleServerSafe that originates from an attacker's ability to send specially crafted netwo...

CVE-2021-20705

Improper input validation vulnerability in the WebManager CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote file...

CVE-2021-20700

Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution...

CVE-2023-39547

CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command...

CVE-2023-39545

CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command...

CVE-2023-39547

CVE-2023-39547 affects NEC ClusterPROX/EXPRESSCLUSTER X products: CLUSTERPRO X Ver5.1 and earlier, EXPRESSCLUSTER X 5.1 and earlier, and their SingleServerSafe variants (5.1 and earlier). The root issue is an authentication bypass that allows an attacker who can log in to the product to execute a...

CVE-2023-39545

CVE-2023-39545 affects NEC EXPRESSCLUSTER X and CLUSTERPRO X family (ExpressCluster X 5.1 and earlier; ClusterPRO X 5.1 and earlier; SingleServerSafe 5.1 and earlier). Description: an attacker who can log in to the product may execute arbitrary commands. Connected sources corroborate login-based ...

PT-2023-27013 · Unknown · Clusterpro X +3

Name of the Vulnerable Software and Affected Versions: CLUSTERPRO X versions 5.1 and earlier EXPRESSCLUSTER X versions 5.1 and earlier CLUSTERPRO X SingleServerSafe versions 5.1 and earlier EXPRESSCLUSTER X SingleServerSafe versions 5.1 and earlier Description: The issue allows an attacker to log...

NEC Corporation CLUSTERPRO Security Vulnerability

NEC Corporation CLUSTERPRO is an HA clustering software from Nippon Electric NEC Corporation. A security vulnerability exists in NEC Corporation CLUSTERPRO X. The vulnerability originates from a vulnerability that allows an attacker to bypass authentication, log in to the product, and execute...

PT-2023-27014 · Unknown · Clusterpro X +3

Name of the Vulnerable Software and Affected Versions: CLUSTERPRO X versions 5.1 and earlier EXPRESSCLUSTER X versions 5.1 and earlier CLUSTERPRO X SingleServerSafe versions 5.1 and earlier EXPRESSCLUSTER X SingleServerSafe versions 5.1 and earlier Description: The issue allows an attacker to log...

NEC Corporation CLUSTERPRO Code Issue Vulnerability

NEC Corporation CLUSTERPRO is a HA clustering software from Nippon Electric NEC Corporation. A code issue vulnerability exists in NEC Corporation CLUSTERPRO X Ver5.1 and earlier versions that stems from the presence of a file upload vulnerability. An attacker can exploit the vulnerability to uplo...

PT-2022-22376 · Unknown · Clusterpro X +3

Name of the Vulnerable Software and Affected Versions: CLUSTERPRO X versions 5.0 and earlier EXPRESSCLUSTER X versions 5.0 and earlier CLUSTERPRO X SingleServerSafe versions 5.0 and earlier EXPRESSCLUSTER X SingleServerSafe versions 5.0 and earlier Description: The issue allows a remote...

CVE-2021-20701

Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote code execution...

CVE-2021-20704

Buffer overflow vulnerability in the compatible API with previous versions CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attack...

Input validation

Improper input validation vulnerability in the WebManager CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote file...

Input validation

Improper input validation vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to rea...

CVE-2021-20707

Improper input validation vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to rea...