5 matches found
K38271531: BIG-IP and BIG-IQ SCP vulnerability CVE-2022-26340
Security Advisory Description An authenticated, high-privileged attacker with no bash access may be able to access Certificate and Key files using Secure Copy SCP protocol from a remote system. CVE-2022-26340 Impact This vulnerability may allow an authenticated, high-privileged attacker who has...
SUSE CVE-2013-1652
Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key to read arbitrary catalogs or poison the master's cache via unspecified vectors...
F5 BIG-IP multiple products have unspecified vulnerabilities
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing, etc. Several F5 BIG-IP products have security vulnerabilities that can be exploited by attackers to access certificate and key files from remote...
Sensitive Data Exposure in pem
Versions of pem before 1.13.2 expose sensitive data when the readPkcs12 is used. The readPkcs12 function reads the certificate and key data from a pkcs12 file using the encryption password. As part of this process it creates a globally readable file with a filename of 20 random 0-f characters in...
DEBIAN-CVE-2013-1652
Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key to read arbitrary catalogs or poison the master's cache via unspecified vectors...