
4485 matches found

Cvelist
added 2017/02/15 8:0 p.m., 17 views

CVE-2017-3801

A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privilege Escalation Vulnerability. The vulnerability is due to improper role-based access control (RBAC)...

8.9 AI score, 0.00333 EPSS
Exploits: 0, References: 3

Cisco
added 2017/02/15 4:0 p.m., 17 views

Cisco UCS Director Privilege Escalation Vulnerability

A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile. The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director...

9.9 CVSS, 8.9 AI score, 0.00333 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2017/02/14 10:48 p.m., 25 views

CVE-2017-2622

An accessibility flaw was found in the OpenStack Workflow mistral service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information...

5.9 CVSS, 3.5 AI score, 0.00372 EPSS
Exploits: 0, References: 1

Atlassian
added 2017/02/13 4:43 a.m., 98 views

Multiple Vulnerabilities in JIRA Workflow Servlet

||Affected Versions|| |4.2.4 = version 6.3.0| An anonymous user can perform multiple attacks on a vulnerable JIRA instance that could cause remote code execution, the disclosure of private files or execute a denial of service attack against the JIRA server. This vulnerability is caused by the way...

9.8 CVSS, 4.6 AI score, 0.16112 EPSS
Exploits: 1, Affected Software: 1

Atlassian
added 2017/02/13 4:43 a.m., 53 views

Multiple Vulnerabilities in JIRA Workflow Servlet

||Affected Versions|| |4.2.4 = version 6.3.0| An anonymous user can perform multiple attacks on a vulnerable JIRA instance that could cause remote code execution, the disclosure of private files or execute a denial of service attack against the JIRA server. This vulnerability is caused by the way...

9.8 CVSS, 4.6 AI score, 0.16112 EPSS
Exploits: 1, Affected Software: 1

Atlassian
added 2017/02/13 4:43 a.m., 32 views

Multiple Vulnerabilities in JIRA Workflow Servlet

||Affected Versions|| |4.2.4 = version 6.3.0| An anonymous user can perform multiple attacks on a vulnerable JIRA instance that could cause remote code execution, the disclosure of private files or execute a denial of service attack against the JIRA server. This vulnerability is caused by the way...

9.8 CVSS, 9.1 AI score, 0.16112 EPSS
Exploits: 1

OSV
added 2017/02/07 5:59 p.m., 2 views

CVE-2016-1894

NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors...

8.1 CVSS, 5.8 AI score, 0.02836 EPSS
Exploits: 0, References: 2

Prion
added 2017/02/07 5:59 p.m., 17 views

Authentication flaw

NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors...

9.3 CVSS, 7.5 AI score, 0.02836 EPSS
Exploits: 0, References: 2, Affected Software: 1

NVD
added 2017/02/07 5:59 p.m., 22 views

CVE-2016-1894

NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors...

9.3 CVSS, 8.2 AI score, 0.02836 EPSS
Exploits: 0, References: 2

Cvelist
added 2017/02/07 5:0 p.m., 27 views

CVE-2016-1894

NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors...

8.2 AI score, 0.02836 EPSS
Exploits: 0, References: 2

CVE
added 2017/02/07 5:0 p.m., 51 views

CVE-2016-1894

CVE-2016-1894 affects NetApp OnCommand Workflow Automation prior to version 3.1P2. The vulnerability is an authentication bypass that enables remote attackers to bypass authentication via unspecified vectors. The issue is documented across multiple sources (NVD entries and vendor/CNVD references)...

9.3 CVSS, 8.1 AI score, 0.02836 EPSS
Exploits: 0, References: 2, Affected Software: 1

n0where
added 2016/11/03 6:18 a.m., 90 views

Automated Security Response: Falcon Orchestrator

CrowdStrike Falcon Orchestrator is an extendable Windows-based application that provides workflow automation, case management and security response functionality. The tool leverages the highly extensible APIs contained within the CrowdStrike Falcon Connect program. Falcon Orchestrator has only be...

0.3 AI score
Exploits: 0, References: 2

OpenVAS
added 2016/11/02 12:0 a.m., 23 views

dotCMS < 3.3.2 SQLi Vulnerability

dotCMS is prone to a SQL injection (SQLi) vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:dotcms:dotcms"; if...

7.2 CVSS, 7.5 AI score, 0.01327 EPSS
Exploits: 2, References: 1

Symantec
added 2016/10/31 8:0 a.m., 36 views

Symantec IT Management Suite Multiple Issues

SUMMARY: Symantec has released updates to address two security issues: a cross-site scripting (XSS) issue and a denial of service (DoS) issue reported in the Symantec IT Management Suite (ITMS) workflow process manager console. AFFECTED PRODUCTS: Symantec IT Management Suite Workflow Process Manager Console...

4 CVSS, 6 AI score, 0.01681 EPSS
Exploits: 0, Affected Software: 1

OSV
added 2016/10/25 2:30 p.m., 1 views

CVE-2016-5532

Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events...

5.3 CVSS, 7.3 AI score, 0.02743 EPSS
Exploits: 0, References: 3

NVD
added 2016/10/25 2:30 p.m., 12 views

CVE-2016-5532

Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events...

5.3 CVSS, 4.4 AI score, 0.02743 EPSS
Exploits: 0, References: 3

Prion
added 2016/10/25 2:30 p.m., 12 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events...

5 CVSS, 6.2 AI score, 0.02743 EPSS
Exploits: 0, References: 3, Affected Software: 1

Vulnrichment
added 2016/10/25 2:0 p.m., 4 views

CVE-2016-5532

Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events...

6 AI score, 0.02743 EPSS
Exploits: 0, References: 3

Cvelist
added 2016/10/25 2:0 p.m., 13 views

CVE-2016-5532

Unspecified vulnerability in the Oracle Shipping Execution component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Workflow Events...

4.5 AI score, 0.02743 EPSS
Exploits: 0, References: 3

CVE
added 2016/10/25 2:0 p.m., 38 views

CVE-2016-5532

CVE-2016-5532 affects Oracle E-Business Suite Shipping Execution, specifically the Shipping Execution component, versions 12.1.1–12.1.3 and 12.2.3–12.2.6. The vulnerability allows remote attackers to disclose confidential data via Workflow Events. No exploitation details are provided in the conne...

5.3 CVSS, 5.3 AI score, 0.02743 EPSS
Exploits: 0, References: 3, Affected Software: 1