10 matches found
CVE-2023-25569
Apollo is a configuration management system. Prior to version 2.1.0, a low-privileged user can create a special web page. If an authenticated portal admin visits this page, the page can silently send a request to assign new roles for that user without any confirmation from the Portal admin. Cooki...
CVE-2023-25569 apollo-portal has potential CSRF issue
Apollo is a configuration management system. Prior to version 2.1.0, a low-privileged user can create a special web page. If an authenticated portal admin visits this page, the page can silently send a request to assign new roles for that user without any confirmation from the Portal admin. Cooki...
SQL Injection Vulnerability in the File Server Configuration Management System of UFIDA Network Technology Corporation (CNVD-2021-37324)
Founded in 1988, UFIDA is a global provider of advanced cloud services, software, and financial services for enterprises and public organizations. A SQL injection vulnerability exists in the File Server Configuration Management System of UFIDA Network Technology Co., Ltd. that can be exploited by...
The vulnerability in the modules/serverdensity_device.py of the configuration management system and SaltStack remote execution module allows a perpetrator to gain unauthorized access to confidential data, cause service failures, or compromise data integrity.
The vulnerability in the modules/serverdensitydevice.py module of the Configuration Management system and SaltStack’s remote execution feature is related to a data processing error. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data, cause service...
CVE-2018-0345
A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due t...
Input validation
A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due t...
Micro Focus Universal CMDB, CMS and UCMDB Browser Cross-Site Scripting Vulnerabilities
Micro Focus Universal CMDB, CMS and UCMDB Browser are all products of Micro Focus, a UK-based company. Micro Focus Universal CMDB is a resource management solution; CMS is a CMDB configuration management system; UCMDB Browser is a lightweight, web-based client for accessing UCMDB Universal...
HP/HPE/Micro Focus Universal CMDB Detection (HTTP)
HTTP based detection of HP/HPE/Micro Focus Universal CMDB. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...
HP CMS UCMDB Information Disclosure Vulnerability
HP CMS is a configuration management system CMS from Hewlett-Packard HP in the United States that collects, stores, manages, updates, and presents data related to IT service configuration projects, including software and infrastructure.The UCMDB Unionized Configuration Management Database is one ...
Debian: Security Advisory (DSA-2451-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...