Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2025/07/30 11:40 p.m.16 views

CVE-2025-54765

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to import the appliance configuration, allowing an attacker to control the configuration of the appliance, to include...

5.3CVSS7.1AI score0.06894EPSS
Exploits2References1
OSV
OSV
added 2025/07/29 12:15 a.m.5 views

CVE-2025-54766

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to export the appliance configuration, exposing sensitive information...

5.3CVSS5.8AI score0.06894EPSS
Exploits2References3
OSV
OSV
added 2025/07/29 12:15 a.m.2 views

CVE-2025-54768

An API endpoint that should be limited to web application administrators is hidden from, but accessible by, lower-level read only web application users. The endpoint can be used to download logs from the appliance configuration, exposing sensitive information...

5.3CVSS5.8AI score0.03976EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/07/28 12:0 a.m.9 views

PT-2025-31156 · Appliance · Appliance

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: An API endpoint intended for web application administrators is accessible to lower-level read-only users. This allows unauthorized access to appliance configuration import functionality, potentiall...

5.3CVSS7.1AI score0.06894EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2024/04/15 12:0 a.m.22 views

Microsoft Azure Appliance Configuration Manager Installed (Windows)

Binary data microsoftazureapplianceconfigurationmanagerwininstalled.nbin...

7.3AI score
Exploits0References1
Prion
Prion
added 2021/06/30 11:15 a.m.16 views

Authentication flaw

The Symantec Advanced Secure Gateway ASG and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance...

9CVSS9.8AI score0.01447EPSS
Exploits0References1Affected Software8
Citrix
Citrix
added 2020/10/19 12:0 a.m.12 views

SSL Renegotiation Process and Session Reuse on ADC Appliance

This article contains information about the SSL renegotiation and session reuse on a ADC appliance. SSL Renegotiation Process on a ADC Appliance The SSL renegotiation process is the new SSL handshake process over an established SSL connection. The SSL renegotiation process can establish another...

7AI score
Exploits0
Citrix
Citrix
added 2018/06/08 12:0 a.m.7 views

How To Change the Unidesk(2.x and 3.x) / App Layering(4.x) appliance IP addresses

The IP address can be changed on Unidesk appliances and the App Layering ELM appliance through the administrator login...

7.1AI score
Exploits0
CNVD
CNVD
added 2017/11/21 12:0 a.m.4 views

Belden Hirschmann Tofino Xenon Security Appliance Firmware Signature Vulnerability

The Tofino Xenon security appliance is the ideal solution for segmenting control networks into secure zones. An incomplete firmware signature vulnerability exists in the Tofino Xenon security appliance versions prior to 03.2.00. The vulnerability arises because the applianceconfig file is signed...

7.2CVSS6.5AI score0.00273EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2011/09/02 5:55 p.m.3 views

CVE-2009-5086

Cross-site scripting XSS vulnerability in Appliance Configuration Manager ACM in Juniper IDP 4.1 before 4.1r3 and 4.2 before 4.2r1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01042EPSS
Exploits0References4
CVE
CVE
added 2011/09/02 5:0 p.m.54 views

CVE-2009-5086

CVE-2009-5086 concerns an XSS vulnerability in Juniper IDP ACM (Appliance Configuration Manager). Affected are IDP versions prior to 4.1r3 and prior to 4.2r1, where an attacker can inject arbitrary web script or HTML via unspecified vectors in the ACM web interface. The practical impact is that a...

4.3CVSS5.8AI score0.01042EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder