Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2023/12/08 12:0 a.m.64 views

Qlik Sense Enterprise Multiple Vulnerabilities

The version of Qlik Sense Enterprise installed on the remote Windows host is prior August 2022 Patch 14, November 2022 prior to Patch 11, February 2023 prior to Patch 8 or May 2023 prior to Patch 4. It is, therefore, affected by multiple vulnerabilities. - An HTTP tunneling vulnerability due to...

9.9CVSS8.1AI score0.84967EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/12/08 12:0 a.m.33 views

Qlik Sense Enterprise HTTP Tunneling RCE

The version of Qlik Sense Enterprise installed on the remote Windows host is prior to November 2021 Patch 17, February 2022 prior to Patch 15, May 2022 prior to Patch 16, August 2022 prior to Patch 14, November 2022 prior to Patch 12, February 2023 prior to Patch 10, May 2023 prior to Patch 6 or...

9.9CVSS8.9AI score0.84967EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2023/11/28 12:0 a.m.4 views

VulnCheck KEV: CVE-2023-41265

Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software...

9.9CVSS7.5AI score0.84967EPSS
Exploits0References1
Prion
Prion
added 2023/11/15 10:15 p.m.34 views

Input validation

Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests, allowing them to execute HTTP requests on the backe...

6.5CVSS8.3AI score0.84967EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/08/29 11:15 p.m.38 views

CVE-2023-41265

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...

9.9CVSS9.3AI score0.84967EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/08/29 12:0 a.m.48 views

CVE-2023-41265

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...

9.6CVSS9.5AI score0.84967EPSS
Exploits0References2
CVE
CVE
added 2023/08/29 12:0 a.m.340 views

CVE-2023-41265

CVE-2023-41265 affects Qlik Sense Enterprise for Windows. The issue is an HTTP Request Smuggling vulnerability caused by tunneling HTTP requests in the raw HTTP traffic, enabling a remote attacker to escalate privileges by crafting requests that execute on the backend repository server. Affected ...

9.9CVSS9.2AI score0.84967EPSS
In wildExploits0References3Affected Software1
Rows per page
Query Builder