14 matches found
EUVD-2021-22822
Malware in sbrugna...
PT-2024-24920 · Software House · Software House Ccure 9000
Name of the Vulnerable Software and Affected Versions: Software House C•CURE 9000 affected versions not specified Description: The issue arises when the Software House C•CURE 9000 installer utilizes unnecessarily wide permissions under certain circumstances. Recommendations: At the moment, there ...
CVE-2024-0912 CCURE passwords exposed to administrators
Under certain circumstances the Microsoft® Internet Information Server IIS used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions...
CVE-2024-0912 CCURE passwords exposed to administrators
Under certain circumstances the Microsoft® Internet Information Server IIS used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions...
CVE-2021-36201
Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 version 2.90 and prior versions...
CVE-2021-36201
Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 version 2.90 and prior versions...
Code injection
Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 version 2.90 and prior versions...
CVE-2021-36201
CVE-2021-36201 affects Johnson Controls/Sensormatic C-CURE 9000. The vulnerability, labeled Observable Response Discrepancy, occurs in CCURE 9000 versions prior to 2.90 and could allow an unauthorized CCURE Portal user to enumerate existing user accounts due to problematic responses. CVSS base me...
CVE-2021-36201 CCURE Observable Response Discrepancy
Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 version 2.90 and prior versions...
CVE-2021-36201 CCURE Observable Response Discrepancy
Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 version 2.90 and prior versions...
PT-2022-10492 · Unknown · Ccure 9000
Name of the Vulnerable Software and Affected Versions: CCURE 9000 versions prior to 2.90 Description: The issue allows a CCURE Portal user to enumerate user accounts under certain circumstances. Recommendations: For CCURE 9000 versions prior to 2.90, update to a version later than 2.90 to resolve...
CVE-2020-9049
A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for valid...
CVE-2020-9048
A vulnerability in specified versions of American Dynamics victor Web Client and Software House CCURE Web Client could allow a remote unauthenticated attacker on the network to delete arbitrary files on the system or render the system unusable by conducting a Denial of Service attack...
PT-2020-20461 · American Dynamics +1 · American Dynamics Victor Web Client +1
Name of the Vulnerable Software and Affected Versions: American Dynamics victor Web Client versions up to and including v5.4.1 Software House CCURE Web Client affected versions not specified Description: A remote unauthenticated attacker on the network could delete arbitrary files on the system o...