84 matches found
CVE-2023-34240
Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force attacks. This can lead to an authentication system failure and compromise system security. Versions of cloudexplorer-lite prior to 1.2.0 did not enforce strong...
Design/Logic Flaw
Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force attacks. This can lead to an authentication system failure and compromise system security. Versions of cloudexplorer-lite prior to 1.2.0 did not enforce strong...
CVE-2023-34240 Weak passwords allowed in cloudexplorer-lite
Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force attacks. This can lead to an authentication system failure and compromise system security. Versions of cloudexplorer-lite prior to 1.2.0 did not enforce strong...
CVE-2023-34240 Weak passwords allowed in cloudexplorer-lite
Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force attacks. This can lead to an authentication system failure and compromise system security. Versions of cloudexplorer-lite prior to 1.2.0 did not enforce strong...
CVE-2023-34240 Weak passwords allowed in cloudexplorer-lite
Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force attacks. This can lead to an authentication system failure and compromise system security. Versions of cloudexplorer-lite prior to 1.2.0 did not enforce strong...
CVE-2023-34240
CVE-2023-34240 affects CloudExplorer-Lite prior to v1.2.0, where the authentication system did not enforce strong passwords, enabling weak-password guessing/brute-force attempts and potential authentication failures. Multiple sources confirm the issue and fix in v1.2.0, with upgrade advised. The ...
Default credentials
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0...
CVE-2023-3423 Weak Password Requirements in cloudexplorer-dev/cloudexplorer-lite
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0...
CVE-2023-3423
CVE-2023-3423 affects CloudExplorer Lite prior to version 1.2.0. The root cause described across sources is weak/absent password validation on the backend, which can allow weak passwords or guessing attempts to compromise accounts. Public references (NVD, Red Hat, OSV, etc.) consistently cite wea...
CVE-2023-3423 Weak Password Requirements in cloudexplorer-dev/cloudexplorer-lite
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0...
CloudExplorer Lite 安全漏洞
CloudExplorer Lite is CloudExplorer's platform that provides out-of-the-box basic functionality for cloud hosting management, cloud billing, operational analytics, and security compliance, as well as powerful extensibility to meet the customization needs of enterprises. A security vulnerability...
PT-2023-24755 · Unknown · Cloudexplorer Lite
Name of the Vulnerable Software and Affected Versions: cloudexplorer-lite versions prior to 1.2.0 Description: The issue concerns weak password requirements. Recommendations: For versions prior to 1.2.0, update to version 1.2.0 or later to resolve the issue...
CloudExplorer Lite 安全漏洞
CloudExplorer Lite is CloudExplorer's platform that provides out-of-the-box cloud hosting management, cloud billing, operational analytics, and security compliance, among other essential features, along with powerful extensibility to meet the customization needs of enterprises. A security...
PT-2023-24765 · Unknown · Cloudexplorer Lite
Name of the Vulnerable Software and Affected Versions: cloudexplorer-lite versions prior to 1.2.0 Description: The issue is related to weak passwords that can be easily guessed, making them an easy target for brute force attacks. This can lead to an authentication system failure and compromise...
CVE-2023-32316
CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds fo...
CVE-2023-32311
CloudExplorer Lite is an open source cloud management platform. In CloudExplorer Lite prior to version 1.1.0 users organization/workspace permissions are not properly checked. This allows users to add themselves to any organization. This vulnerability has been fixed in v1.1.0. Users are advised t...
Design/Logic Flaw
CloudExplorer Lite is an open source cloud management platform. In CloudExplorer Lite prior to version 1.1.0 users organization/workspace permissions are not properly checked. This allows users to add themselves to any organization. This vulnerability has been fixed in v1.1.0. Users are advised t...
CVE-2023-32316
CloudExplorer Lite (pre-1.1.0) contains a permission-check flaw in the user profile that lets an attacker add themselves to any organization. Affected component is the user profile handling in CloudExplorer Lite; root cause is missing authorization checks. Impact per sources is privilege escalati...
CVE-2023-32316 Users can add themselves to any organization in CloudExplorer Lite
CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds fo...
CVE-2023-32316 Users can add themselves to any organization in CloudExplorer Lite
CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds fo...