Lucene search
+L

12 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2021-3660

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an...

4.3CVSS5.5AI score0.01242EPSS
Exploits0References3
nessus
nessus
added 2024/05/11 12:0 a.m.30 views

RHEL 7 : cockpit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cockpit: authenticates with revoked certificates CVE-2021-3698 - Cockpit and its plugins do not seem to...

7AI score0.01242EPSS
Exploits0References2
rosalinux
rosalinux
added 2023/10/24 2:5 p.m.24 views

Advisory ROSA-SA-2023-2280

Software: cockpit 264.2 OS: ROSA Virtualization 2.1 packageevrstring: cockpit-264.2-1.0.1.rv3c.src.rpm CVE-ID: CVE-2021-3660 BDU-ID: 2021-04029 CVE-Crit: MEDIUM CVE-DESC.: A manager vulnerability for Cockpit servers is related to errors in the display of the user interface or frames. Exploitation...

7.5CVSS6.5AI score0.01242EPSS
Exploits0
cbl_mariner
cbl_mariner
added 2022/05/26 7:4 p.m.15 views

CVE-2021-3660 affecting package cockpit 248-2

CVE-2021-3660 affecting package cockpit 248-2. A patched version of the package is available...

4.3CVSS7.5AI score0.01242EPSS
Exploits0
nessus
nessus
added 2022/05/12 12:0 a.m.21 views

AlmaLinux 8 : cockpit (ALSA-2022:2008)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:2008 advisory. - Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website,...

7.5CVSS6.3AI score0.01242EPSS
Exploits0References3
redhat
redhat
added 2022/05/10 1:59 p.m.47 views

Moderate: Red Hat Security Advisory: cockpit security, bug fix, and enhancement update

An update for cockpit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS6.6AI score0.01242EPSS
Exploits0References13
rocky
rocky
added 2022/05/10 6:44 a.m.78 views

cockpit security, bug fix, and enhancement update

An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...

7.5CVSS6.2AI score0.01242EPSS
Exploits0
nessus
nessus
added 2022/05/10 12:0 a.m.40 views

CentOS 8 : cockpit (CESA-2022:2008)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:2008 advisory. - cockpit: pages vulnerable to clickjacking CVE-2021-3660 - cockpit: authenticates with revoked certificates CVE-2021-3698 Note that Nessus has not...

7.5CVSS6.5AI score0.01242EPSS
Exploits0References3
nvd
nvd
added 2022/03/10 5:42 p.m.17 views

CVE-2021-3660

Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...

4.3CVSS0.01242EPSS
Exploits0References3
cve
cve
added 2022/03/07 1:59 p.m.214 views

CVE-2021-3660

CVE-2021-3660 relates to Cockpit (and its plugins) not protecting against clickjacking, allowing a cockpit page to be rendered in an on another site. Connected data confirms affected package: cockpit 248-2, with a patched version available. AlmaLinux advisories reference a security fix addressin...

4.3CVSS4.6AI score0.01242EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2021/12/26 12:0 a.m.26 views

EulerOS 2.0 SP8 : cockpit (EulerOS-SA-2021-2797)

According to the versions of the cockpit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another...

4.3CVSS5.7AI score0.01242EPSS
Exploits0References2
openvas
openvas
added 2021/12/26 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for cockpit (EulerOS-SA-2021-2797)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.1AI score0.01242EPSS
Exploits0References2
Rows per page
Query Builder