Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:51 a.m.6 views

CVE-2021-2218

Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft component: Health Center. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterpris...

8.3CVSS6.3AI score0.01293EPSS
Exploits0References1
OSV
OSV
added 2019/02/18 11:42 p.m.16 views

GHSA-J336-34Q7-CGJ3 Downloads Resources over HTTP in healthcenter

Affected versions of healthcenter insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...

9.3CVSS8.1AI score0.01752EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2019/02/18 11:42 p.m.33 views

Downloads Resources over HTTP in healthcenter

Affected versions of healthcenter insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...

9.3CVSS3.8AI score0.01752EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2018/06/15 12:0 a.m.4 views

Healthcenter Remote Code Execution Vulnerability

healthcenter is a set of diagnostic tools for checking the status of running Java or Node.js applications. A security vulnerability exists in healthcenter that originates when a program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the...

9.3CVSS8.1AI score0.01752EPSS
Exploits0References1
Veracode
Veracode
added 2018/06/05 3:49 a.m.13 views

Man-in-the-Middle (MitM)

healthcenter is susceptible to man-in-the-middle MitM attacks. The attacker can download binary resources via HTTP, allowing MitM attacks. Since the attacker can replace the requested binary with its controlled binary if the attacker is on the network or positioned in between the user and the...

8.1CVSS8.3AI score0.01752EPSS
Exploits0References1Affected Software1
Node.js
Node.js
added 2016/12/02 4:45 a.m.44 views

Downloads Resources over HTTP

Overview Affected versions of healthcenter insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution...

9.3CVSS3.6AI score0.01752EPSS
Exploits0Affected Software1
Rows per page
Query Builder