15 matches found
EUVD-2020-29833
Malware in sbrugna...
EUVD-2020-29831
Malware in sbrugna...
CVE-2020-9000
An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapidly cause .NET Input Validation errors. This increases the size of the log file on the remote server until memory is exhausted, therefore consuming the maximum amount of resources triggering a deni...
CVE-2020-9002
An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a request and changing UserRoleKey=COMPANYADMIN to UserRoleKey=DOMAINADMIN to achieve Domain Administrator access...
CVE-2020-9000
An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapidly cause .NET Input Validation errors. This increases the size of the log file on the remote server until memory is exhausted, therefore consuming the maximum amount of resources triggering a deni...
CVE-2020-9002
An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a request and changing UserRoleKey=COMPANYADMIN to UserRoleKey=DOMAINADMIN to achieve Domain Administrator access...
CVE-2020-9000
An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapidly cause .NET Input Validation errors. This increases the size of the log file on the remote server until memory is exhausted, therefore consuming the maximum amount of resources triggering a deni...
Design/Logic Flaw
An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a request and changing UserRoleKey=COMPANYADMIN to UserRoleKey=DOMAINADMIN to achieve Domain Administrator access...
Design/Logic Flaw
An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapidly cause .NET Input Validation errors. This increases the size of the log file on the remote server until memory is exhausted, therefore consuming the maximum amount of resources triggering a deni...
CVE-2020-9002
CVE-2020-9002 affects iPortalis iCS 7.1.13.0. An attacker can escalate privileges by intercepting a request and changing UserRoleKey=COMPANY_ADMIN to DOMAIN_ADMIN, granting Domain Administrator access. Details across sources consistently describe a privilege escalation via improper validation of ...
CVE-2020-9002
An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a request and changing UserRoleKey=COMPANYADMIN to UserRoleKey=DOMAINADMIN to achieve Domain Administrator access...
CVE-2020-9000
An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapidly cause .NET Input Validation errors. This increases the size of the log file on the remote server until memory is exhausted, therefore consuming the maximum amount of resources triggering a deni...
CVE-2020-9000
CVE-2020-9000 affects iPortalis iCS 7.1.13.0. The issue arises from .NET input validation that allows an attacker to send a sequence of requests to rapidly enlarge the remote server’s log file, causing memory exhaustion and a denial-of-service condition. The Real-world exposure is network-accessi...
iPortalis 资源管理错误漏洞
iPortalis is providing management of Microsoft licenses, costs, governance and reporting capabilities. A resource management error vulnerability exists in iPortalis iCS that stems from the product's failure to add valid validation for log file sizes. An attacker could cause a denial of service by...
iPortalis 输入验证错误漏洞
iPortalis is providing management of Microsoft licenses, costs, governance and reporting capabilities. An input validation error vulnerability exists in iPortalis iCS that stems from not adding a valid privilege authentication to a UserRoleKey=request. An attacker could gain domain administrative...