Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2 days ago7 views

CVE-2026-9561

Eclipse Kura versions prior to 5.6.2 trust the client-supplied X-Forwarded-For HTTP header as the authoritative source of the client IP address in audit log entries. The org.eclipse.kura.web2 Web Console and org.eclipse.kura.rest.provider REST API components use this header as the primary IP sour...

8.8CVSS6.1AI score0.00204EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 a.m.7 views

CVE-2019-10243

In Eclipse Kura versions up to 4.0.0, Kura exposes the underlying Ui Web server version in its replies. This can be used as a hint by an attacker to specifically craft attacks to the web server run by Kura...

5.3CVSS6.8AI score0.01337EPSS
Exploits0References1
OSV
OSV
added 2024/04/09 10:2 a.m.8 views

CVE-2024-3046

In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an...

7.5CVSS7.7AI score0.00576EPSS
Exploits0References4
CNVD
CNVD
added 2017/09/13 12:0 a.m.7 views

Eclipse Kura Command Execution Vulnerability

Eclipse Kura is an OSGi-based M2M service gateway application framework from the Eclipse Foundation. A security vulnerability exists in versions of Eclipse Kura prior to 2.1.0. An attacker could exploit the vulnerability to log in to the device, execute commands, or take control of the device...

10CVSS9.5AI score0.01647EPSS
Exploits0References1
Rows per page
Query Builder