Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : fwupd-1.7.8-2.el8.ML.1 (AXSA:2023-7312:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7312:04 advisory. fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 Tenable has extracted the preceding description block directly from the MiracleLinux...

6.5CVSS5.6AI score0.00619EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 4: fwupd (TSSA-2025:0084)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0084 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

6.5CVSS6.1AI score0.00619EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 3: fwupd (TSSA-2023:0301)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0301 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

6.5CVSS6.1AI score0.00619EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2022-3287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction,...

6.5CVSS6.4AI score0.00619EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/03/19 12:0 a.m.40 views

RHEL 8 : fwupd (RHSA-2024:1403)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1403 advisory. The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in...

6.5CVSS6.2AI score0.00619EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.28 views

RHEL 8 : fwupd (RHSA-2024:1106)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1106 advisory. The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in...

6.5CVSS6.2AI score0.00619EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/28 12:0 a.m.32 views

Rocky Linux 8 : fwupd (RLSA-2023:7189)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:7189 advisory. - When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction,...

6.5CVSS6.1AI score0.00619EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/11/21 12:0 a.m.33 views

Oracle Linux 8 : fwupd (ELSA-2023-7189)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7189 advisory. 1.7.8-2.0.1 - Modify %prep to correctly apply downstream patches - Align sections to 512 bytes Orabug: 35265981 - Use objcopy to build arm/aarch64 binaries if...

6.5CVSS6.1AI score0.00619EPSS
Exploits0References2
OSV
OSV
added 2023/11/14 12:0 a.m.26 views

ALSA-2023:7189 Moderate: fwupd security update

The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

6.5CVSS6.3AI score0.00619EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2023/11/14 12:0 a.m.51 views

Moderate: fwupd security update

The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

6.5CVSS7.1AI score0.00619EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/14 12:0 a.m.33 views

CentOS 8 : fwupd (CESA-2023:7189)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:7189 advisory. - When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction,...

6.5CVSS6.1AI score0.00619EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/12 12:0 a.m.41 views

RHEL 9 : fwupd (RHSA-2023:2487)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2487 advisory. The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password ...

6.7CVSS7.1AI score0.01037EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2023/05/09 10:3 a.m.62 views

Moderate: Red Hat Security Advisory: fwupd security and bug fix update

An update for fwupd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.7CVSS6.9AI score0.01037EPSS
Exploits0References10
OSV
OSV
added 2023/05/09 12:0 a.m.33 views

ALSA-2023:2487 Moderate: fwupd security and bug fix update

The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 shim: 3rd party shim allow secure boot bypass CVE-2022-34301 shim: 3rd party shim allow secure boot bypass...

6.7CVSS6.5AI score0.01037EPSS
Exploits0References10
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.80 views

Moderate: fwupd security and bug fix update

The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 shim: 3rd party shim allow secure boot bypass CVE-2022-34301 shim: 3rd party shim allow secure boot bypass...

6.7CVSS7AI score0.01037EPSS
Exploits0References10
OSV
OSV
added 2022/09/28 7:7 p.m.34 views

CVE-2022-3287

When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file...

6.5CVSS6.7AI score0.00619EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/09/28 7:7 p.m.4 views

CVE-2022-3287

When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file...

6.4AI score0.00619EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/28 7:7 p.m.33 views

CVE-2022-3287

When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file...

6.5AI score0.00619EPSS
Exploits0References1
CVE
CVE
added 2022/09/28 7:7 p.m.103 views

CVE-2022-3287

CVE-2022-3287 affects fwupd where the Redfish plugin saved the auto-generated BMC password to /etc/fwupd/redfish.conf with insufficient access restriction, enabling any local user to read the password. Impact is confidentiality of credentials (high), with no remote exploitation details provided i...

6.5CVSS6.2AI score0.00619EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2022/09/28 12:0 a.m.385 views

CVE-2022-3287

When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file...

6.5CVSS6.5AI score0.00619EPSS
Exploits0References2
Rows per page
Query Builder