4 matches found
CVE-2025-27623
A flaw was found in Jenkins. Affected versions of Jenkins do not redact encrypted values of secrets when accessing the config.xml of views via REST API or CLI. This flaw allows attackers with view/read permission to view encrypted values of secrets...
CVE-2020-1631
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN DVPN, Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning ZTP allows an unauthenticated attacker to perform local file inclusion LFI or path traversal. Using this vulnerability...
CVE-2016-4511
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...
CVE-2016-2295
Moxa MiiNePortE14641 devices with firmware 1.1.10 Build 09120714, MiiNePortE17080 devices with firmware 1.1.10 Build 09120714, MiiNePortE21242 devices with firmware 1.1 Build 10080614, MiiNePortE24561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build...