Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2024/11/06 12:0 a.m.54 views

openSUSE Security Advisory (SUSE-SU-2024:3911-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS7.6AI score0.97781EPSS
Exploits17References3
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.20 views

openSUSE: Security Advisory for SUSE Manager Server 4.2 (SUSE-SU-2023:2594-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.4CVSS7.3AI score0.01166EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/12/15 12:0 a.m.40 views

SUSE SLES15: apache2-mod_wsgi / billing-data-service / inter-server-sync / etc (SUSE-SU-2023:4737-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:4737-1 advisory. billing-data-service: - Version 4.3.2-1 Relax dependency to csp-billing-adapter-service inter-server-sync: - Version 0.3.1 Require at least Go 1.20 for...

9.4CVSS6.8AI score0.00452EPSS
Exploits0References34
NVD
NVD
added 2023/09/20 9:15 a.m.30 views

CVE-2023-22644

A user can reverse engineer the JWT token JSON Web Token used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE...

9.4CVSS4.5AI score0.00452EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/09/20 8:12 a.m.22 views

CVE-2023-22644 JWT token compromise can allow malicious actions including Remote Code Execution (RCE)

A user can reverse engineer the JWT token JSON Web Token used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE...

9.4CVSS6.3AI score0.00452EPSS
Exploits0References2
CVE
CVE
added 2023/09/20 8:12 a.m.98 views

CVE-2023-22644

CVE-2023-22644 describes a JWT authentication weakness in NeuVector where an attacker can reverse engineer the token used for Manager and API access to forge a valid NeuVector token, enabling malicious activity and potentially Remote Code Execution (RCE). Public details in the provided documents ...

9.4CVSS5.3AI score0.00452EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/06/21 12:38 p.m.6 views

SUSE-RU-2023:2595-1 Security update for SUSE Manager Server 4.2

This update fixes the following issues: branch-network-formula: - Update to version 0.1.1680167239.23f2fec Remove unnecessary import of 'salt.ext.six' cpu-mitigations-formula: - Update to version 0.5.0: Mark all SUSE Linux Enterprise 15 SP4 and newer and openSUSE 15.4 and newer as supported...

9.4CVSS6.9AI score0.00452EPSS
Exploits0References38
SUSE CVE
SUSE CVE
added 2023/03/31 1:57 a.m.3 views

SUSE CVE-2023-22644

A user can reverse engineer the JWT token JSON Web Token used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE...

5.5CVSS9.4AI score0.00452EPSS
Exploits0References18
Rows per page
Query Builder