Lucene search
K

47 matches found

0day.today
0day.today
added 2018/12/01 12:0 a.m.43 views

Apache Spark - Unauthenticated Command Execution Exploit

This Metasploit module exploits an unauthenticated command execution vulnerability in Apache Spark with standalone cluster mode through the REST API. It uses the function CreateSubmissionRequest to submit a malicious java class and triggers it. This module requires Metasploit:...

0.7AI score
Exploits0
CNVD
CNVD
added 2018/08/15 12:0 a.m.4 views

Apache Spark Authentication Control Vulnerability

Apache Spark is a large-scale data processing engine that supports acyclic data streams and in-memory computing from the Apache Software Foundation. A security vulnerability exists in Apache Spark versions 1.3.0 and later, which is caused by a standalone master or a Mesos master with cluster mode...

4.9CVSS4.8AI score0.6583EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/08/13 12:0 a.m.46 views

CVE-2018-11770

From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API for job submission, in addition to the submission mechanism used by spark-submit. In standalone, the config property 'spark.authenticate.secret' establishes a shared secret for authenticating requests to submit jobs vi...

4.8AI score0.6583EPSS
Exploits2References3
CNVD
CNVD
added 2017/10/19 12:0 a.m.6 views

Junos OS Denial of Service Vulnerability in Multiple Juniper Networks Products

Juniper SRX1400 and others are firewall appliances from Juniper Networks, Inc.Junos OS is the operating system that runs on them. A security vulnerability exists in the high availability cluster configuration mode of Junos OS versions 12.3X48 and 15.1X49 in various Juniper Networks products. An...

7.5CVSS7.4AI score0.01296EPSS
Exploits0References1
Citrix
Citrix
added 2017/09/05 12:0 a.m.11 views

iOS 11 MDM-enrolled Device Issues with XenMobile in Cluster Mode

MDM commands may try to deploy multiple times on an MDM-enrolled iOS 11 device and may fail to complete successfully. An admin attempting to push MDM policies to an iOS 11 device, deploy applications, or carry out security actions such as Lock or Wipe may not be able to successfully to do. The us...

7AI score
Exploits0
CNVD
CNVD
added 2017/07/20 12:0 a.m.20 views

Juniper SRX Series Appliance Junos OS Denial of Service Vulnerability

Juniper SRX Series devices are an SRX Series gateway device from Juniper Networks, Inc.Junos OS is the operating system used in them. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in the cluster mode of Junos OS versions 12.1X46,...

5.3CVSS5.5AI score0.00877EPSS
Exploits0References1
CVE
CVE
added 2017/07/14 2:0 p.m.55 views

CVE-2017-10604

CVE-2017-10604 affects Juniper SRX Series devices running Junos OS in cluster mode. The issue arises when account lockout is enabled: an unauthenticated user making failed root login attempts can trigger root lockout, which in turn causes cluster sync or failover errors. Affected releases are SRX...

5.3CVSS5.6AI score0.00877EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder