AZL-31297 CVE-2023-44487 affecting package cf-cli for versions less than 8.4.0-13

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

AZL-31326 CVE-2023-44487 affecting package moby-cli for versions less than 20.10.25-2

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

PT-2023-6006 · Fortinet · Fortimanager

Name of the Vulnerable Software and Affected Versions: FortiManager versions 7.2.0 through 7.2.3 FortiManager version 7.4.0 Description: The issue is related to an improper neutralization of special elements used in an os command, which may allow an attacker to execute unauthorized code or comman...

PT-2023-5997 · Fortinet · Fortimanager +1

Name of the Vulnerable Software and Affected Versions: FortiManager & FortiAnalyzer version 7.4.0 FortiManager & FortiAnalyzer versions 7.2.0 through 7.2.3 FortiManager & FortiAnalyzer versions 7.0.0 through 7.0.8 FortiManager & FortiAnalyzer versions 6.4.0 through 6.4.12 FortiManager &...

PT-2023-6007 · Fortinet · Fortimanager

Name of the Vulnerable Software and Affected Versions: FortiManager versions 6.0 through 7.2.2 Description: The issue is related to improper access control in the FortiManager management interface. This can allow a remote and authenticated attacker with at least "device management" permission on...

CVE-2023-4401

Dell SmartFabric Storage Software v1.4 and earlier contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access...

CVE-2023-43069

Dell SmartFabric Storage Software v1.4 and earlier contains an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker...

CVE-2023-43072

Dell SmartFabric Storage Software v1.4 and earlier contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbritrary shell commands...

CVE-2023-43069

Dell SmartFabric Storage Software v1.4 and earlier contains an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker...

CVE-2023-43072

Dell SmartFabric Storage Software v1.4 and earlier contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbritrary shell commands...

Command injection

Dell SmartFabric Storage Software v1.4 and earlier contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access...

Improper access control

Dell SmartFabric Storage Software v1.4 and earlier contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbritrary shell commands...

Command injection

Dell SmartFabric Storage Software v1.4 and earlier contains an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker...

CVE-2023-43072

Dell SmartFabric Storage Software (versions 1.4 and earlier) contains an improper access control vulnerability in the Command Line Interface (CLI). A local, possibly unauthenticated attacker could exploit the vulnerability to execute arbitrary shell commands on the affected system. Root cause app...

CVE-2023-43072

Dell SmartFabric Storage Software v1.4 and earlier contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbritrary shell commands...

CVE-2023-43072

Dell SmartFabric Storage Software v1.4 and earlier contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbritrary shell commands...

CVE-2023-43069

Dell SmartFabric Storage Software v1.4 and earlier contains an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker...

CVE-2023-43069

Dell SmartFabric Storage Software v1.4 and earlier contains an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker...

CVE-2023-43069

Dell SmartFabric Storage Software versions 1.4 and earlier are affected by an OS command injection vulnerability in the CLI. An authenticated local attacker could potentially inject parameters to curl or docker, enabling arbitrary command execution. Impact includes possible compromise of confiden...

CVE-2023-4401

Dell SmartFabric Storage Software v1.4 and earlier contains an OS Command Injection Vulnerability in the CLI use of the ‘more’ command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access...