CVE-2021-2257

Vulnerability in the Oracle Storage Cloud Software Appliance product of Oracle Storage Gateway component: Management Console. The supported version that is affected is Prior to 16.3.1.4.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

CVE-2025-42909

SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not...

CVE-2025-42909

SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not...

CVE-2025-42909 Security Misconfiguration vulnerability in SAP Cloud Appliance Library Appliances

SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not...

CVE-2025-42909

CVE-2025-42909 (SAP Cloud Appliance Library Appliances) : A high-privilege attacker can exploit an insecure S/4HANA default profile setting in existing SAP CAL appliances to access other appliances. The impact is described as low for confidentiality with no impact on integrity or availability. Th...

CVE-2025-42909 Security Misconfiguration vulnerability in SAP Cloud Appliance Library Appliances

SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not...

EUVD-2025-34121

SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not...

PT-2025-41841

Name of the Vulnerable Software and Affected Versions SAP Cloud Appliance Library Appliances affected versions not specified Description An attacker with high privileges can exploit an insecure default profile setting within existing SAP CAL appliances to gain access to other appliances. The issu...

SAP Cloud Appliance Library Appliances 安全漏洞

SAP Cloud Appliance Library Appliances is a cloud mirroring and system deployment platform from SAP, Germany. A security vulnerability exists in SAP Cloud Appliance Library Appliances that stems from an insecure S/4HANA default profile setting, which could allow an attacker to access other...

VulnCheck KEV: CVE-2024-9379

Ivanti Cloud Services Appliance CSA contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary SQL statements...

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance CSA has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 CVSS score: 7.2, which allows remote code execution under certain circumstances. "An OS command...

Oracle Storage Cloud Software Appliance 安全漏洞

Oracle Storage Cloud Software Appliance is an application from Oracle Corporation, USA. It provides a storage function A security vulnerability exists in Oracle Storage Cloud Software Appliance Management Console Prior to 16.3.1.4.2, which allows a highly privileged attacker with network access v...

Microsoft Azure Sphere 注入漏洞

Microsoft Azure Sphere is an appliance from Microsoft USA that is used to provide security in cloud environments. A denial of service vulnerability exists in Microsoft Azure Sphere version 20.05, which stems from the asynchronous ioctl feature of Microsoft Azure Sphere 20.05. An attacker could...