Lucene search
+L

80 matches found

OSV
OSV
added 2023/09/07 1:15 p.m.5 views

CVE-2023-39420

The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an "admin" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help an attacker generate the...

8.8CVSS5.8AI score0.00548EPSS
Exploits0References1
OSV
OSV
added 2023/09/07 1:15 p.m.4 views

CVE-2023-39424

A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content such as a web shell component to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but c...

8.8CVSS6AI score0.00737EPSS
Exploits0References1
Prion
Prion
added 2023/09/07 1:15 p.m.19 views

Code injection

The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens. These tokens are however exposed in a JavaScript file loaded on the client side, thus rendering this extra safety mechanism useless...

7.5CVSS9.5AI score0.00355EPSS
Exploits0References1
CVE
CVE
added 2023/09/07 12:25 p.m.48 views

CVE-2023-39424

CVE-2023-39424 affects the RDPngFileUpload.dll component used by the IRM Next Generation booking system. The vulnerability allows a remote attacker to upload arbitrary content (e.g., a web shell) to the SQL database and execute it with SYSTEM privileges. Authentication is required for exploitatio...

9.9CVSS9.5AI score0.00737EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/07 12:25 p.m.35 views

CVE-2023-39424 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in RDPngFileUpload.dll

A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to upload arbitrary content such as a web shell component to the SQL database and execute it with SYSTEM privileges. This vulnerability requires authentication to be exploited but c...

9.9CVSS10AI score0.00737EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/07 12:22 p.m.30 views

CVE-2023-39422 Use of Hard-coded Credentials in multiple /irmdata/api/ endpoints

The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens. These tokens are however exposed in a JavaScript file loaded on the client side, thus rendering this extra safety mechanism useless...

6.5CVSS9.8AI score0.00355EPSS
Exploits0References1
CVE
CVE
added 2023/09/07 12:19 p.m.2488 views

CVE-2023-39421

CVE-2023-39421 involves the RDPWin.dll component used by the IRM Next Generation booking engine, which contains hardcoded API keys for third‑party services (Twilio, Vonage). The root cause is hardcoded credentials in RDPWin.dll, enabling unrestricted interaction with these services. NVD assigns a...

7.7CVSS7.6AI score0.00392EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/07 12:19 p.m.35 views

CVE-2023-39421 Use of Hard-coded Credentials in RDPWin.dll

The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of hardcoded API keys for third-party services such as Twilio and Vonage. These keys allow unrestricted interaction with these services...

7.7CVSS7.8AI score0.00392EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/07 12:19 p.m.19 views

CVE-2023-39421 Use of Hard-coded Credentials in RDPWin.dll

The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of hardcoded API keys for third-party services such as Twilio and Vonage. These keys allow unrestricted interaction with these services...

7.7CVSS7.2AI score0.00392EPSS
Exploits0References1
CVE
CVE
added 2023/09/07 12:17 p.m.51 views

CVE-2023-39420

CVE-2023-39420 affects the RDPCore.dll component used in the IRM Next Generation booking engine. The vulnerability arises from a routine that computes a daily password for an admin account, enabling a remote user who can access a customer deployment to gain full, unrestricted access to the applic...

9.9CVSS9.1AI score0.00548EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/07 12:17 p.m.17 views

CVE-2023-39420 Use of Hard-coded Credentials in RDPCore.dll

The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an "admin" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help an attacker generate the...

9.9CVSS6.9AI score0.00548EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/07 12:0 a.m.10 views

PT-2023-26941 · Unknown · Irm Next Generation

Name of the Vulnerable Software and Affected Versions: IRM Next Generation booking engine affected versions not specified Description: The RDPCore.dll component in the IRM Next Generation booking engine allows a remote user to connect to customers with an "admin" account and a corresponding...

9.9CVSS8.5AI score0.00548EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/09/07 12:0 a.m.8 views

PT-2023-26943 · Unknown · Irm Next Generation

Name of the Vulnerable Software and Affected Versions: IRM Next Generation booking engine affected versions not specified Description: The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticate requests using HMAC tokens. However, these tokens are exposed in a...

9.8CVSS9.5AI score0.00355EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/09/07 12:0 a.m.11 views

PT-2023-26942 · Twilio +1 · Twilio +1

Name of the Vulnerable Software and Affected Versions: IRM Next Generation booking engine affected versions not specified Description: The RDPWin.dll component includes a set of hardcoded API keys for third-party services such as Twilio and Vonage. These keys allow unrestricted interaction with...

7.7CVSS7.5AI score0.00392EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2022/11/09 12:0 a.m.8 views

Microsoft Office Defense in Depth Update (ADV220003)

This host is missing an important security update according to Microsoft KB3191875/KB3191869. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-late...

7.2AI score
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2022/11/08 8:0 a.m.406 views

Microsoft Defense in Depth Update

Microsoft has released an update for Microsoft Office that provides enhanced security as a defense in depth measure. This update provides hardening around IRM-protected documents to ensure the trust-of-certificate chain...

1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/11/08 12:0 a.m.21 views

Security Updates for Microsoft Office Products (November 2022)

The Microsoft Office Products are missing a security update that provides enhanced security as a defense-in-depth measure. This update provides hardening around IRM-protected documents to ensure the trust-of-certificate chain. Note that Nessus has not tested for this issue but has instead relied...

5.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2022/06/07 12:45 p.m.24 views

Conducting Modern Insider Risk Investigations

Dealing with risks presented by internal users requires a different approach than those from external threats. This shouldn’t be news to anyone, but it does need to be said since it’s not something that always happens in practice. It’s not uncommon to see the cudgels common to blue teams wielded...

6.9AI score
Exploits0References2
Qualys Blog
Qualys Blog
added 2020/11/16 4:45 p.m.24 views

A Modern Approach to Risk Management and Compliance

For far too long, organizations had to rely on traditional Governance, Risk and Compliance GRC tools -- with their modular and siloed approach -- to address their risk management and reporting compliance posture. With an increasing number of organizations looking at the Integrated Risk Management...

7.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2019/12/10 8:0 a.m.40 views

Description of the security update for Excel 2010: December 10, 2019

Description of the security update for Excel 2010: December 10, 2019 Summary This security update resolves an information disclosure vulnerability that exists if Microsoft Excel incorrectly discloses the contents of its memory. To learn more about the vulnerability, see Microsoft Common...

5.5CVSS5.5AI score0.08123EPSS
Exploits0
Rows per page
Query Builder