Lucene search
K

113 matches found

Prion
Prion
added 2020/04/17 2:15 p.m.20 views

Session fixation

A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage versions: GL225P001 and earlier; GL225P001 and...

10CVSS9.3AI score0.02067EPSS
Exploits0References1Affected Software6
Cvelist
Cvelist
added 2020/04/17 1:58 p.m.26 views

CVE-2019-12002

A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage versions: GL225P001 and earlier; GL225P001 and...

9.5AI score0.02067EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/17 1:53 p.m.39 views

CVE-2019-12001

A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage versions: GL225P001 and earlier; GL225P001 and...

7.1AI score0.0113EPSS
Exploits0References1
CVE
CVE
added 2020/04/17 1:53 p.m.59 views

CVE-2019-12001

CVE-2019-12001 covers a remote session reuse vulnerability that can bypass access restrictions in HPE MSA Storage devices. Public details in the initial description indicate affected models include MSA 2040/1040/1050/2042/2050/2052 with firmware/version lines such as GL225P001 and earlier; VE270R...

7.1CVSS7AI score0.0113EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/08/14 8:55 p.m.110 views

CVE-2019-1172

Technical details about CVE-2019-1172 are not publicly provided in the supplied documents; no concrete affected products, root cause, or remediation are listed beyond a generic description. Monitor for updates.

4.3CVSS6.7AI score0.03989EPSS
Exploits0References1Affected Software6
Microsoft KB
Microsoft KB
added 2018/11/13 8:0 a.m.131 views

November 13, 2018—KB4467708 (OS Build 17763.134)

November 13, 2018—KB4467708 OS Build 17763.134 Notes: This release also contains updates for Microsoft HoloLens OS Build 17763.134 released November 13, 2018. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that ha...

10CVSS7AI score0.63294EPSS
Exploits14
CNVD
CNVD
added 2018/03/08 12:0 a.m.5 views

HPE MSA 1040 and MSA 2040 SAN Storage Authentication Vulnerability Vulnerability

The HPE MSA 1040 and MSA 2040 SAN Storage are both storage devices from Hewlett Packard Enterprise HPE. An authentication vulnerability exists in HPE MSA 1040 and MSA 2040 SAN Storage GL220P008 and prior versions. A remote attacker could exploit this vulnerability to bypass authentication...

9.8CVSS7.2AI score0.02327EPSS
Exploits0References1
OSV
OSV
added 2018/02/15 10:29 p.m.3 views

CVE-2017-8959

An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA 2040 SAN Storage in version GL220P008 and earlier and was found...

8.8CVSS5.8AI score0.01367EPSS
Exploits0References1
Prion
Prion
added 2018/02/15 10:29 p.m.17 views

Authentication flaw

An Authentication Bypass vulnerability in HPE MSA 1040 and MSA 2040 SAN Storage IN version GL220P008 and earlier was found...

7.5CVSS9.4AI score0.02327EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2018/02/15 10:29 p.m.21 views

Authentication flaw

An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA 2040 SAN Storage in version GL220P008 and earlier and was found...

6.5CVSS8.7AI score0.01367EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2018/02/15 10:0 p.m.51 views

CVE-2017-8960

CVE-2017-8960 affects HPE MSA 1040 and MSA 2040 SAN Storage (GL220P008 and earlier). The connected sources describe an authentication bypass vulnerability, enabling a remote attacker to bypass authentication with impact on confidentiality, integrity, and availability as indicated by the CVSS metr...

9.8CVSS9.4AI score0.02327EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/02/15 10:0 p.m.21 views

CVE-2017-8959

An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA 2040 SAN Storage in version GL220P008 and earlier and was found...

8.8AI score0.01367EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/02/15 10:0 p.m.21 views

CVE-2017-8960

An Authentication Bypass vulnerability in HPE MSA 1040 and MSA 2040 SAN Storage IN version GL220P008 and earlier was found...

9.5AI score0.02327EPSS
Exploits0References1
CVE
CVE
added 2018/02/15 10:0 p.m.45 views

CVE-2017-8959

Affected products: HPE MSA 1040 and HPE MSA 2040 SAN Storage. Vulnerability: Authentication bypass vulnerability in version GL220P008 and earlier. Root cause: bypassing authentication could allow unauthorized access. Impact (as described in sources): Elevation of privileges / partial to high impa...

8.8CVSS8.6AI score0.01367EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/11/10 12:0 a.m.5 views

MSA vot.Ar 'parse' function unauthorized operation vulnerability

MSA vot.Ar is a suite of voting election applications. A security vulnerability exists in the 'parse' function in MSA vot.Ar version 3.1. An attacker in close physical proximity could exploit this vulnerability to cast multiple votes for a candidate with the help of a specially designed RFID voti...

4.6CVSS6.6AI score0.00396EPSS
Exploits0References1
Prion
Prion
added 2017/10/23 6:29 p.m.17 views

Design/Logic Flaw

The parse function in MSA vot.Ar 3.1 does not check whether a candidate receives more than one vote, which allows physically proximate attackers to cast multiple votes for a candidate via a crafted RFID ballot tag...

2.1CVSS7AI score0.00396EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2017/10/23 6:29 p.m.14 views

CVE-2015-6839

The parse function in MSA vot.Ar 3.1 does not check whether a candidate receives more than one vote, which allows physically proximate attackers to cast multiple votes for a candidate via a crafted RFID ballot tag...

4.6CVSS4.7AI score0.00396EPSS
Exploits0References4
CVE
CVE
added 2017/10/23 6:0 p.m.44 views

CVE-2015-6839

The CVE-2015-6839 entry concerns MSA vot.Ar 3.1, where the parse function fails to prevent a candidate from receiving multiple votes. The underlying issue is a vulnerability in the parsing logic that allows an RFID ballot tag crafted by an attacker in close physical proximity to cause multiple vo...

4.6CVSS4.7AI score0.00396EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2017/10/23 6:0 p.m.22 views

CVE-2015-6839

The parse function in MSA vot.Ar 3.1 does not check whether a candidate receives more than one vote, which allows physically proximate attackers to cast multiple votes for a candidate via a crafted RFID ballot tag...

4.6AI score0.00396EPSS
Exploits0References4
NVD
NVD
added 2016/09/14 10:59 a.m.20 views

CVE-2016-3352

Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via a brute-force attack on NTLM password hashes, aka "Microsoft Information Disclosure Vulnerabilit...

8.8CVSS8.4AI score0.20788EPSS
Exploits0References3
Rows per page
Query Builder