43 matches found
Akkadian Provisioning Manager - Information Disclosure
Akkadian Provisioning Manager is susceptible to information disclosure. The restricted shell provided can be escaped by abusing the Edit MySQL Configuration command. This command launches a standard VI editor interface which can then be escaped. id: CVE-2021-31581 info: name: Akkadian Provisionin...
Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure
Akkadian Provisioning Manager 4.50.02 could allow viewing of sensitive information within the /pme subdirectories. id: CVE-2020-27361 info: name: Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure author: gy741 severity: high description: Akkadian Provisioning Manager 4.50.0...
CVE-2021-31579
Akkadian Provisioning Manager Engine PME ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning Manager 5.0.2 and later, and Akkadian Appliance Manager 3.3.0.314-4a349e0 and later...
CVE-2021-31580
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...
EUVD-2020-19874
Malware in sbrugna...
EUVD-2021-18474
Malware in sbrugna...
EUVD-2021-18473
Malware in sbrugna...
CVE-2020-27361
An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories...
CVE-2021-31581
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...
The vulnerability of the Akkadian Provisioning Manager Engine lies in its lack of measures to neutralize special elements used in the operating system command line. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Akkadian Provisioning Manager Engine exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of...
CVE-2021-3546[78]: Akkadian Console Server Vulnerabilities (FIXED)
!CVE-2021-3546\78: Akkadian Console Server Vulnerabilities \FIXED\https://blog.rapid7.com/content/images/2021/09/akkadian-vuln.jpg Over the course of routine security research, Rapid7 researchers Jonathan Peterson, Cale Black, William Vu, and Adam Cammack discovered that the Akkadian Console ofte...
CVE-2021-31580
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...
CVE-2021-31580
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...
CVE-2021-31581
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...
CVE-2021-31579
Akkadian Provisioning Manager Engine PME ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning Manager 5.0.2 and later, and Akkadian Appliance Manager 3.3.0.314-4a349e0 and later...
CVE-2021-31579
Akkadian Provisioning Manager Engine PME ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning Manager 5.0.2 and later, and Akkadian Appliance Manager 3.3.0.314-4a349e0 and later...
CVE-2021-31581
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...
Hardcoded credentials
Akkadian Provisioning Manager Engine PME ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning Manager 5.0.2 and later, and Akkadian Appliance Manager 3.3.0.314-4a349e0 and later...
Authentication flaw
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be bypassed by switching the OpenSSH channel from shell to exec and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 and later, Akkadian Provisioning...
Design/Logic Flaw
The restricted shell provided by Akkadian Provisioning Manager Engine PME can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 and later,...