10 matches found
EUVD-2024-1198
Malicious code in bioql PyPI...
CVE-2024-3046
In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an...
GHSA-FRC2-W2CC-X794 Eclipse Kura LogServlet vulnerability
In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an...
Eclipse Kura LogServlet vulnerability
In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an...
CVE-2024-3046
In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an...
CVE-2024-3046
In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an...
CVE-2024-3046
CVE-2024-3046 affects Eclipse Kura’s LogServlet (versions 5.0.0–5.4.1) and the Web2 component (org.eclipse.kura.web2, versions 2.0.600–2.4.0) within Kura 5.0.0–5.4.1. A specifically crafted request to the LogServlet can allow an unauthenticated user to retrieve device logs, and downloaded logs ma...
CVE-2024-3046
In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an...
CVE-2024-3046
In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an...
Eclipse Kura 安全漏洞
Eclipse Kura is the Eclipse Foundation's framework for OSGi-based M2M service gateway applications. A security vulnerability exists in Eclipse Kura LogServlet versions 5.0.0 through 5.4.1, which originates from a vulnerability that allows an unauthenticated user to retrieve device logs using a...