22 matches found
EUVD-2024-34813
Malicious code in bioql PyPI...
CVE-2024-34458
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure...
CVE-2024-33872
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges...
CVE-2024-49202
Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0...
CVE-2024-49202
Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0...
CVE-2024-49202
Keyfactor Command prior to v12.5.0 contains an Incorrect Access Control issue where access tokens have over-permissioned rights (64099). Reported across multiple sources, the vulnerability affects versions before 12.5.0 and fixes are provided in the following releases: 11.5.1.1, 11.5.2.1, 11.5.3....
CVE-2024-49202
Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0...
CVE-2024-49202
Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0...
PT-2024-33344 · Keyfactor · Keyfactor Command
Name of the Vulnerable Software and Affected Versions: Keyfactor Command versions prior to 12.5.0 Description: The issue concerns incorrect access control where access tokens have more permissions than allowed. Recommendations: For versions prior to 12.5.0, update to one of the fixed versions:...
Keyfactor Command 安全漏洞
Keyfactor Command is a PKI and machine identity automation application from Keyfactor. A security vulnerability exists in Keyfactor Command prior to version 12.5.0 that stems from the inclusion of an incorrect access control issue...
CVE-2024-34458
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure...
CVE-2024-34458
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure...
CVE-2024-33872
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges...
Keyfactor Command 安全漏洞
Keyfactor Command is a PKI and machine identity automation application from Keyfactor. A security vulnerability exists in Keyfactor Command versions prior to 10.5.1 and prior to 11.5.1, which stems from susceptibility to SQL injection attacks that could lead to information disclosure...
CVE-2024-34458
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure...
CVE-2024-34458
Summary: CVE-2024-34458 affects Keyfactor Command. Versions 10.5.x prior to 10.5.1 and 11.5.x prior to 11.5.1 are vulnerable to SQL Injection, which can lead to information disclosure. The exploitation status is not provided in the documents. Impact: information disclosure due to SQL Injection. A...
Keyfactor Command 安全漏洞
Keyfactor Command is a PKI and machine identity automation application from Keyfactor. A security vulnerability exists in Keyfactor Command versions prior to 10.5.1 and prior to 11.5.1, which stems from susceptibility to SQL injection attacks that could lead to code execution and elevation of...
CVE-2024-33872
Keyfactor Command is affected by CVE-2024-33872: SQL injection in versions 10.5.x before 10.5.1 and 11.5.x before 11.5.1 can lead to code execution and privilege escalation. Affected component is the Command application; root cause is unsafely constructed SQL queries. Remediation: upgrade to Keyf...
CVE-2024-33872
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges...
CVE-2024-33872
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges...