Lucene search
+L

5 matches found

Packet Storm
Packet Storm
added 2024/03/06 12:0 a.m.477 views

Artica Proxy 4.50 Loopback Service Disclosure

KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Title: Artica Proxy Loopback Services Remotely Accessible Unauthenticated Advisory ID: KL-001-2024-004 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt 1...

7.4AI score0.16711EPSS
Exploits3
0day.today
0day.today
added 2024/03/06 12:0 a.m.582 views

Artica Proxy 4.50 Loopback Service Disclosure Vulnerability

Services that are running and bound to the loopback interface on the Artica Proxy version 4.50 are accessible through the proxy service. In particular, the tailon service is running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Using the tailon service,...

9.8CVSS7.1AI score0.16711EPSS
Exploits3
CVE
CVE
added 2024/03/05 6:57 p.m.93 views

CVE-2024-2056

CVE-2024-2056 — Artica Proxy Tailon exposure : Connected sources confirm that Artica Proxy runs a tailon service bound to the loopback interface and listening on TCP 7050. The tailon instance is running as root and is accessible via the proxy service, allowing an attacker to view files on the Art...

9.8CVSS9.5AI score0.16711EPSS
Exploits3References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/05 6:57 p.m.15 views

CVE-2024-2056 Artica Proxy Loopback Services Remotely Accessible Unauthenticated

Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service. In particular, the "tailon" service is running, running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Security issues associated...

6.8AI score0.16711EPSS
Exploits3References3
KoreLogic Security
KoreLogic Security
added 2024/03/05 12:0 a.m.102 views

Artica Proxy Loopback Services Remotely Accessible Unauthenticated

Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.50 Platform: Debian 10 LTS CWE Classification: CWE-288: Authentication Bypass Using an Alternate Path or Channel, CWE-552: Files or Directories Accessible to External Parties CVE ID: CVE-2024-2056 2...

9.8CVSS6.7AI score0.16711EPSS
Exploits3Affected Software1
Rows per page
Query Builder