Lucene search
+L

16 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.27 views

RHEL 7 : Red Hat CloudForms (RHSA-2018:1972)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1972 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual...

9.8CVSS8.6AI score0.27065EPSS
Exploits10References134
OSV
OSV
added 2024/03/12 1:15 a.m.6 views

CVE-2024-27900

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

5.3CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2024/03/12 1:15 a.m.23 views

Authorization

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

4CVSS4.6AI score0.00393EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/12 12:44 a.m.11 views

CVE-2024-27900 Missing Authorization check in SAP ABAP Platform

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

4.3CVSS6.8AI score0.00393EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/12 12:44 a.m.40 views

CVE-2024-27900 Missing Authorization check in SAP ABAP Platform

Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner...

4.3CVSS4.9AI score0.00393EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/11 12:0 a.m.7 views

PT-2024-22121 · Sap · Sap Abap Platform

Name of the Vulnerable Software and Affected Versions: SAP ABAP Platform versions 758, 795 Description: The issue is due to a missing authorization check, allowing an attacker with a business user account to change the privacy setting of job templates from shared to private, making the selected...

5.3CVSS6.8AI score0.00393EPSS
Exploits0References5
NVD
NVD
added 2022/03/23 8:15 p.m.18 views

CVE-2021-3589

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS0.01031EPSS
Exploits0References2
OSV
OSV
added 2022/03/23 8:15 p.m.5 views

CVE-2021-3589

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS7.2AI score0.01031EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/23 8:15 p.m.5 views

CVE-2021-3589

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS5.5AI score0.01031EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/03/23 12:0 a.m.6 views

PT-2022-10476 · Unknown · Foreman Ansible

Name of the Vulnerable Software and Affected Versions: Foreman Ansible affected versions not specified Description: An authorization flaw was found, allowing an authenticated attacker with certain permissions to create and run Ansible jobs to access hosts through job templates. This poses a threa...

8CVSS7.4AI score0.01031EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/03/23 12:0 a.m.6 views

Foreman 访问控制错误漏洞

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A security vulnerability exists in Foreman Ansible where an authenticated attacker with specific...

8CVSS7.6AI score0.01031EPSS
Exploits0References3
CNVD
CNVD
added 2022/03/01 12:0 a.m.18 views

Open OnDemand has an unspecified vulnerability

Osc Open OnDemand is an application of the Osc open source organization in the United States. Open OnDemand has a security vulnerability that could be exploited by an attacker to provide crafted input in job templates...

4.3CVSS2.1AI score0.01052EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/02/26 12:0 a.m.4 views

Open OnDemand 安全漏洞

Osc Open OnDemand is an application of the Osc open source organization in the United States. Open OnDemand has a security vulnerability that could be exploited by an attacker to provide crafted input in job templates...

4.3CVSS5.7AI score0.01052EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 2:12 p.m.79 views

Moderate: Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container

Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container Fixed two jQuery vulnerabilities CVE-2020-11022, CVE-2020-11023 Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTPs requests by default Updated several dependencies of Ansible Tower's User Interface to...

9.8CVSS6.8AI score0.99019EPSS
Exploits13References3
The Hacker News
The Hacker News
added 2019/12/23 12:41 p.m.85 views

The Best Templates for Posting Cybersecurity Jobs

The cybersecurity of a company is heavily reliant upon the skills and knowledge of the people who install, manage, and operate its security products. This means that recruiting and nurturing the best security team possible should be a CISO's top priority. Cynet's Ultimate Cybersecurity Job Postin...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2019/12/23 12:41 p.m.10 views

The Best Templates for Posting Cybersecurity Jobs

The cybersecurity of a company is heavily reliant upon the skills and knowledge of the people who install, manage, and operate its security products. This means that recruiting and nurturing the best security team possible should be a CISO's top priority. Cynet's Ultimate Cybersecurity Job Postin...

5.8AI score
Exploits0
Rows per page
Query Builder