144 matches found
PT-2025-14875 · Bitdefender · Bitdefender GravityZone Update Server
Name of the Vulnerable Software and Affected Versions: Bitdefender GravityZone Update Server (affected versions not specified). Description: A server-side request forgery (SSRF) issue exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 707...
CVE-2024-6980
A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise...
CVE-2024-6980 Verbose error handling issue in GravityZone Update Server proxy service
A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise...
CVE-2024-6980
The CVE-2024-6980 entry concerns Bitdefender GravityZone: GravityZone Console on-premises prior to 6.38.1-5, where a verbose error handling issue in the Update Server proxy service enables server-side request forgery (SSRF). The vulnerability affects the proxy component (GravityZone Update Server...
PT-2024-38018 · Bitdefender · GravityZone Console
Name of the Vulnerable Software and Affected Versions: GravityZone Console versions prior to 6.38.1-5. Description: A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects...
Bitdefender GravityZone Security Vulnerability
Bitdefender GravityZone is a scanning software from Bitdefender Romania. A security vulnerability exists in Bitdefender GravityZone versions prior to 6.38.1-5, which stems from a verbose error handling issue that allows an attacker to forge server-side requests...
A vulnerability in the white-list analyzer service of the GravityZone proxy server allows an attacker to perform an SSRF attack.
The vulnerability in the white-list analyzer service of the GravityZone proxy server is caused by insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...
CVE-2024-4177
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise...
CVE-2024-4177 Host whitelist parser issue in GravityZone Console On-Premise (VA-11554)
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise...
CVE-2024-4177
The CVE-2024-4177 issue affects Bitdefender GravityZone Update Server (on-premise) with GravityZone Console versions prior to 6.38.1-2. The root cause is a host whitelist parser issue in the proxy service, which enables server-side request forgery (SSRF). Impact is high/critical per sources, with network at...
Bitdefender GravityZone Update Server Security Vulnerability
Bitdefender GravityZone Update Server is a solution from Bitdefender Romania for managing and distributing update files on the Bitdefender GravityZone administrator console. A security vulnerability exists in Bitdefender GravityZone Update Server that stems from a problem with the host whitelist...
CVE-2024-2223
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint Security for Linux...
CVE-2024-2224
Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects the following products that include the vulnerable component...
CVE-2024-2224
CVE-2024-2224 affects Bitdefender GravityZone UpdateServer and related products: Linux endpoint 7.0.5.200089, Windows endpoint 7.9.9.380, GravityZone Control Center On Premises 6.36.1. The issue is an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) in the UpdateServer...