GitHub: View private repository NWO of deploy key via internal LFS API

The vulnerability allowed an attacker to enumerate the names of private repositories that utilized deploy keys in GitHub Enterprise Server. The vulnerability did not provide unauthorized access to any repository content besides the repository names. This vulnerability affected all versions of...

CVE-2024-21989

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges...

CVE-2024-21989

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges...

CVE-2024-21990

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials...

CVE-2024-21990

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials...

CVE-2024-21990 Default Privileged Account Credentials Vulnerability in ONTAP Select Deploy administration utility

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials...

CVE-2024-21990 Default Privileged Account Credentials Vulnerability in ONTAP Select Deploy administration utility

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials...

CVE-2024-21989 Privilege Escalation Vulnerability in ONTAP Select Deploy administration utility

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges...

CVE-2024-21989

CVE-2024-21989 affects NetApp ONTAP Select Deploy administration utility (versions 9.12.1.x, 9.13.1.x, 9.14.1.x). A read-only user can escalate privileges due to the vulnerability. Connected advisories confirm affected versions and privilege escalation risk; mitigation guidance varies—PT-Security...

CVE-2024-21989 Privilege Escalation Vulnerability in ONTAP Select Deploy administration utility

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges...

PT-2024-19141 · Netapp · Ontap Select Deploy Administration Utility

Name of the Vulnerable Software and Affected Versions: ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x Description: The issue allows a read-only user to escalate their privileges when successfully exploited. Recommendations: For versions 9.12.1.x, consider...

PT-2024-19143 · Netapp · Ontap Select Deploy Administration Utility

Name of the Vulnerable Software and Affected Versions: ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x Description: The issue is related to hard-coded credentials in the affected software, which could allow an attacker to view configuration information and modi...

NetApp ONTAP Select Deploy administration utility 信任管理问题漏洞

NetApp ONTAP Select Deploy administration utility is an administration utility for deploying and managing ONTAP Select clusters from Network Appliance NetApp, Inc. A security vulnerability exists in NetApp ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x , 9.14.1.x, which...

IBM UrbanCode Deploy Cross-Site Scripting Vulnerability (CNVD-2024-20489)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

IBM UrbanCode Deploy Log Information Disclosure Vulnerability

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

IBM DevOps Deploy and IBM UrbanCode Deploy Access Control Error Vulnerability

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

IBM UrbanCode Deploy Code Issue Vulnerability (CNVD-2024-20490)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

CVE-2024-23558

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...

CVE-2024-23558

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...

CVE-2024-23558 HCL DevOps Deploy / HCL Launch does not invalidate all session authentication cookies after logout

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...