Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2022/08/17 12:15 a.m.1 views

CVE-2022-1400

Use of Hard-coded Cryptographic Key vulnerability in the WebReportsApi.dll of Exago Web Reports, as used in the Device42 Asset Management Appliance, allows an attacker to leak session IDs and elevate privileges. This issue affects: Device42 CMDB versions prior to 18.01.00...

9.8CVSS5.8AI score0.0038EPSS
Exploits0References1
Prion
Prionadded 2022/08/17 12:15 a.m.13 views

Design/Logic Flaw

An Argument Injection or Modification vulnerability in the "Change Secret" username field as used in the Discovery component of Device42 CMDB allows a local attacker to run arbitrary code on the appliance with root privileges. This issue affects: Device42 CMDB version 18.01.00 and prior versions...

5.8CVSS9.1AI score0.00573EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2022/08/16 12:0 a.m.1 views

Device42 访问控制错误漏洞

Device42, a Device42 company, provides the industry's most advanced and complete hybrid cloud discovery and dependency mapping platform. An access control error vulnerability exists in Device42 CMDB version 18.01.00 and earlier, which stems from a vulnerability in the /Exago/WrImageResource.adx...

7.5CVSS7.3AI score0.0504EPSS
Exploits0References3
CNNVD
CNNVDadded 2022/08/16 12:0 a.m.2 views

Device42 操作系统命令注入漏洞

Device42 is a US-based Device42 company providing the industry's most advanced and complete hybrid cloud discovery and dependency mapping platform. Device42 CMDB versions 18.01.00 and earlier have an operating system command injection vulnerability that stems from a vulnerability in the dboptimiz...

8.8CVSS8.9AI score0.01174EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2022/08/12 12:0 a.m.3 views

PT-2022-4179 · Device42 · Device42 Cmdb

Name of the Vulnerable Software and Affected Versions: Device42 CMDB versions prior to 18.01.00 Description: The issue is related to the use of a hard-coded cryptographic key in the WebReportsApi.dll of Exago Web Reports, as used in the Device42 Asset Management Appliance. This allows an attacker...

9.8CVSS9.1AI score0.0038EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2022/08/12 12:0 a.m.2 views

PT-2022-4178 · Device42 · Device42 Cmdb

Name of the Vulnerable Software and Affected Versions: Device42 CMDB versions prior to 18.01.00 Description: The issue is related to improper access control in the Device42 Asset Management Appliance, specifically in the /Exago/WrImageResource.adx route. This allows an unauthenticated attacker to...

7.5CVSS7.2AI score0.0504EPSS
Exploits0References7
The Hacker News
The Hacker Newsadded 2022/08/11 9:23 a.m.148 views

Critical Flaws Disclosed in Device42 IT Asset Management Software

Cybersecurity researchers have disclosed multiple severe security vulnerabilities asset management platform Device42 that, if successfully exploited, could enable a malicious actor to seize control of affected systems. "By exploiting these issues, an attacker could impersonate other users, obtain...

2.8AI score0.01174EPSS
Exploits0
Rows per page
Query Builder