Lucene search
K

80 matches found

RedHat Linux
RedHat Linux
added 2022/05/11 6:50 p.m.69 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Logging Security and Bug update Release 5.4.1

Logging Subsystem 5.4.1 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...

7.5CVSS7AI score0.0628EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2021/07/09 5:31 p.m.81 views

Cisco BPA, WSA Bugs Allow Remote Cyberattacks

A set of high-severity privilege-escalation vulnerabilities affecting Business Process Automation BPA application and Cisco’s Web Security Appliance WSA and could allow authenticated, remote attackers to access sensitive data or take over a targeted system. The first two bugs CVE-2021-1574 and...

9CVSS8.1AI score0.01879EPSS
Exploits0References5
OSV
OSV
added 2021/05/11 2:15 p.m.14 views

CVE-2021-32560

The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not .log files...

6.5CVSS6.5AI score
Exploits0References3
Prion
Prion
added 2021/05/11 2:15 p.m.17 views

Improper access control

The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not .log files...

4CVSS6.4AI score0.0149EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2021/05/11 2:15 p.m.4 views

PYSEC-2021-29

The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not .log files...

6.5CVSS6.9AI score0.0149EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/05/11 2:15 p.m.22 views

PYSEC-2021-29

The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it attempts to manage files that are not .log files...

6.5CVSS2.2AI score0.0149EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/05/11 12:0 a.m.3 views

OctoPrint 访问控制错误漏洞

OctoPrint is an application. Provides a fast web interface for controlling consumer 3D printers. A security vulnerability previously existed in OctoPrint version 1.6.0. The vulnerability stemmed from the Logging subsystem in the program having incorrect access control...

6.5CVSS6.4AI score0.0149EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2021/02/09 12:0 a.m.4 views

The vulnerability of the logging subsystem of the Cisco Data Center Network Manager, a system for managing network operations at data centers, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the logging subsystem of the Cisco Data Center Network Manager DCNM is related to uncontrolled memory allocation. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.00284EPSS
Exploits0References2
CNVD
CNVD
added 2021/01/21 12:0 a.m.8 views

Cisco Data Center Network Manager Information Disclosure Vulnerability (CNVD-2021-09946)

Cisco Data Center Network Manager DCNM is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. An information disclosure vulnerability exists in the logging subsystem of Cisco...

5.5CVSS5.9AI score0.00284EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 8:15 p.m.19 views

CVE-2021-1283

A vulnerability in the logging subsystem of Cisco Data Center Network Manager DCNM could allow an authenticated, local attacker to view sensitive information in a system log file that should be restricted. The vulnerability exists because sensitive information is not properly masked before it is...

5.5CVSS5.1AI score0.00284EPSS
Exploits0References1
Prion
Prion
added 2021/01/20 8:15 p.m.21 views

Design/Logic Flaw

A vulnerability in the logging subsystem of Cisco Data Center Network Manager DCNM could allow an authenticated, local attacker to view sensitive information in a system log file that should be restricted. The vulnerability exists because sensitive information is not properly masked before it is...

2.1CVSS5.1AI score0.00284EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/01/20 7:56 p.m.10 views

CVE-2021-1283 Cisco Data Center Network Manager Information Disclosure Vulnerability

A vulnerability in the logging subsystem of Cisco Data Center Network Manager DCNM could allow an authenticated, local attacker to view sensitive information in a system log file that should be restricted. The vulnerability exists because sensitive information is not properly masked before it is...

5.5CVSS6AI score0.00284EPSS
Exploits0References1
CVE
CVE
added 2021/01/20 7:56 p.m.61 views

CVE-2021-1283

Cisco Data Center Network Manager (DCNM) is affected by an information-disclosure vulnerability in its logging subsystem. The issue arises because sensitive data is not properly masked before being written to system log files, allowing an authenticated, local attacker with valid credentials to vi...

5.5CVSS5AI score0.00284EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/01/20 7:56 p.m.20 views

CVE-2021-1283 Cisco Data Center Network Manager Information Disclosure Vulnerability

A vulnerability in the logging subsystem of Cisco Data Center Network Manager DCNM could allow an authenticated, local attacker to view sensitive information in a system log file that should be restricted. The vulnerability exists because sensitive information is not properly masked before it is...

5.5CVSS5.3AI score0.00284EPSS
Exploits0References1
Cisco
Cisco
added 2021/01/20 4:0 p.m.47 views

Cisco Data Center Network Manager Information Disclosure Vulnerability

A vulnerability in the logging subsystem of Cisco Data Center Network Manager DCNM could allow an authenticated, local attacker to view sensitive information in a system log file that should be restricted. The vulnerability exists because sensitive information is not properly masked before it is...

5.5CVSS5AI score0.00284EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/05/31 12:0 a.m.5 views

The vulnerability of the Cisco Web Security Appliance’s logging subsystem allows a hacker to execute arbitrary commands and elevate their privileges to the root level.

The vulnerability of the Cisco Web Security Appliance WSA’s reporting subsystem is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary commands and elevate their privileges to the root level...

5.3CVSS6.7AI score0.0064EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/01/12 5:0 p.m.17 views

CVE-2017-18014

An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log page Control Center - Log Viewer - in the filter option "Web Server Protection" in the webadmin...

6.2AI score0.02307EPSS
Exploits2References4
CNVD
CNVD
added 2017/06/26 12:0 a.m.2 views

Cisco Prime Collaboration Provisioning Tool Local Information Disclosure Vulnerability (CNVD-2017-11546)

Cisco Prime Collaboration is a comprehensive video and voice service assurance and management system. A security vulnerability exists in the logging subsystem in the Cisco Prime Collaboration Provisioning tool, where an unauthenticated local attacker obtains sensitive information. The vulnerabili...

5.1CVSS6.6AI score0.00384EPSS
Exploits0References1
Cisco
Cisco
added 2017/06/21 4:0 p.m.19 views

Cisco Prime Collaboration Provisioning Tool Log File Information Disclosure Vulnerability

A vulnerability in the logging subsystem of the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, local attacker to acquire sensitive information. The vulnerability is due to the logging of sensitive details of specific user actions. An attacker could exploit this...

5.1CVSS5.1AI score0.00384EPSS
Exploits0References1
NVD
NVD
added 2017/02/03 7:59 a.m.22 views

CVE-2017-3822

A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense FTD Firepower Device Manager FDM could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log. This vulnerability affects Cisco Firepower Threat Defense Software versions 6.1.x on the...

5.3CVSS5.4AI score0.01479EPSS
Exploits0References3
Rows per page
Query Builder