12 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3660
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an...
RHEL 7 : cockpit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cockpit: authenticates with revoked certificates CVE-2021-3698 - Cockpit and its plugins do not seem to...
Advisory ROSA-SA-2023-2280
Software: cockpit 264.2 OS: ROSA Virtualization 2.1 packageevrstring: cockpit-264.2-1.0.1.rv3c.src.rpm CVE-ID: CVE-2021-3660 BDU-ID: 2021-04029 CVE-Crit: MEDIUM CVE-DESC.: A manager vulnerability for Cockpit servers is related to errors in the display of the user interface or frames. Exploitation...
CVE-2021-3660 affecting package cockpit 248-2
CVE-2021-3660 affecting package cockpit 248-2. A patched version of the package is available...
AlmaLinux 8 : cockpit (ALSA-2022:2008)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:2008 advisory. - Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website,...
Moderate: Red Hat Security Advisory: cockpit security, bug fix, and enhancement update
An update for cockpit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
cockpit security, bug fix, and enhancement update
An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...
CentOS 8 : cockpit (CESA-2022:2008)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:2008 advisory. - cockpit: pages vulnerable to clickjacking CVE-2021-3660 - cockpit: authenticates with revoked certificates CVE-2021-3698 Note that Nessus has not...
CVE-2021-3660
Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an HTML entry. This may be used by a malicious website in clickjacking or similar attacks...
CVE-2021-3660
CVE-2021-3660 relates to Cockpit (and its plugins) not protecting against clickjacking, allowing a cockpit page to be rendered in an on another site. Connected data confirms affected package: cockpit 248-2, with a patched version available. AlmaLinux advisories reference a security fix addressin...
EulerOS 2.0 SP8 : cockpit (EulerOS-SA-2021-2797)
According to the versions of the cockpit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another...
Huawei EulerOS: Security Advisory for cockpit (EulerOS-SA-2021-2797)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...