CVE-2021-38379

CVE-2021-38379 affects CFEngine Enterprise Hub: versions 3.6.7–3.18.0 have insecure permissions that permit local information disclosure. Root cause is insecure hub permissions. Affected product is CFEngine Enterprise; impact is partial confidentiality breach with local access. Public exploits ar...

CVE-2021-38379

The Hub in CFEngine Enterprise 3.6.7 through 3.18.0 has Insecure Permissions that allow local Information Disclosure...

Northern.tech CfEngine 信息泄露漏洞

Northern.tech CfEngine is an open source configuration management solution from Northern.tech, Inc. It is used to securely manage It infrastructure. An information disclosure vulnerability exists in Northern.tech CFEngine Enterprise that stems from the Hub in CFEngine Enterprise 3.6.7 through...

Northern.tech CFEngine 信任管理问题漏洞

Northern.tech CfEngine is an open source configuration management solution from Northern.tech, Inc. It is used to securely manage It infrastructure. A security vulnerability exists in Northern.tech CFEngine Enterprise versions 3.15.0 through 3.15.4 that stems from the program's lack of SSL...

CVE-2019-19394

Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0...

CVE-2019-19394

Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0...

Code injection

Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0...

CVE-2019-19394

Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0...

CVE-2019-19394

CVE-2019-19394 affects Northern.tech CFEngine Enterprise prior to version 3.10.7, and the 3.11.x and 3.12.x branches prior to 3.12.3, as well as 3.13.x and 3.14.x branches. The vulnerability is an XSS issue in the CFEngine Enterprise product. The applicable fixes are in CFEngine Enterprise releas...

Code injection

Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions...

CVE-2019-9929

Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions...

CVE-2019-9929

Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions...

CVE-2019-9929

CVE-2019-9929 concerns Northern.tech CFEngine Enterprise 3.12.1 with insecure permissions. The connected sources consistently describe the issue as an insecure-permissions vulnerability for CFEngine Enterprise 3.12.1. The available documentation does not specify the exact vulnerable file, compone...

CVE-2019-9929

Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions...

CVE-2019-9929

Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions...

Vulnerabilities of the Debian GNU/Linux operating system that allow a local malicious individual to compromise the integrity of protected information

The cfengine package of the Debian GNU/Linux operating system has multiple vulnerabilities that, if exploited, could lead to the compromise of protected information. These vulnerabilities can be exploited by local malicious individuals...

Vulnerabilities of the Debian GNU/Linux operating system that allow a local malicious individual to compromise the integrity of protected information

The cfengine-doc package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to the compromise of protected information. These vulnerabilities can be exploited by local malicious individuals...

Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the cfengine package up to version 2.1.7 inclusive of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

CFEngine 2.0.x CFServD Transaction Packet Buffer Overrun Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/8699/info cfengine is prone to a stack-based buffer overrun vulnerability. This issue may be exploited by remote attackers who can send malicious transaction packets to cfservd. This issue is due to insufficient bounds...

GNU CFEngine 2.0.x/2.1 AuthenticationDialogue Remote Heap Based Buffer Overrun Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/10899/info GNU cfengine cfservd is reported prone to a remote heap-based buffer overrun vulnerability. The vulnerability presents itself in the cfengine cfservd AuthenticationDialogue function. The issue exists due to a...