Delinea PAM Secret Server 安全漏洞

Delinea PAM Secret Server is a key service manager from Delinea. An Access Control Error vulnerability exists in Delinea PAM Secret Server version 11.4, which can be exploited by an attacker to view system reports and modify customized reports via the Reports feature in the Web UI when Unrestrict...

PT-2024-21069 · Delinea · Delinea Pam Secret Server

Name of the Vulnerable Software and Affected Versions: Delinea PAM Secret Server version 11.4 Description: The issue allows unprivileged users to view system reports and modify custom reports via the Report functionality in the Web UI when Unlimited Admin Mode is enabled. Recommendations: For...

CVE-2021-4035

A stored cross site scripting have been identified at the comments in the report creation due to an obsolote version of tinymce editor. In order to exploit this vulnerability, the attackers needs an account with enough privileges to view and edit reports...

CVE-2021-35582

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2021-35582

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

Design/Logic Flaw

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

Design/Logic Flaw

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2021-2275

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...

Design/Logic Flaw

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...

CVE-2021-2275

CVE-2021-2275 corresponds to a vulnerability in Oracle Applications Manager (View Reports) within Oracle E-Business Suite. Affected are 12.1.3 and 12.2.3–12.2.10. The issue allows a highly privileged attacker with network access via HTTP to compromise Oracle Applications Manager, enabling unautho...

Oracle Applications Manager 安全漏洞

Oracle Applications Manager is an application management software from Oracle USA. The software provides monitoring, trending, and fault management for Oracle data files. A security vulnerability exists in Oracle Applications Manager View Reports 12.1.3, 12.2.3-12.2.10, which allows a highly...

IBM Security Guardium Database Activity Monitor Authorization Vulnerability

IBM Security Guardium Database Activity Monitor is a database activity monitor product from IBM USA. The product provides features such as automated controls for compliance and protection against internal and external threats. An authorization vulnerability exists in IBM Security Guardium Databas...

CVE-2018-1368

IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so there is risk that someone not authorized can change things that they are not suppose to. IBM...