13 matches found
EUVD-2018-11898
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1279
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster....
Limited Authentication Bypass for Media Files
Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassing organizational barriers. Impact The vulnerability allows attackers to bypass organizational...
GHSA-QM6V-CG9V-53J3 Limited Authentication Bypass for Media Files
Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassing organizational barriers. Impact The vulnerability allows attackers to bypass organizational...
CVE-2022-29237
Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassin...
CVE-2022-29237 Limited Authentication Bypass for Media Files in Opencast
Opencast is a free and open source solution for automated video capture and distribution at scale. Prior to Opencast 10.14 and 11.7, users could pass along URLs for files belonging to organizations other than the user's own, which Opencast would then import into the current organization, bypassin...
CVE-2022-29237
Opencast exposes a cross-tenant access flaw: before versions 10.14 and 11.7, an attacker with full access to the ingest REST interface and knowledge of internal links could import files from another organization within the same multi-tenant cluster, bypassing organizational barriers. The issue is...
Privilege Escalation
Pivotal RabbitMQ for PCF is vulnerable to privilege escalation. The vulnerability exists due to the system using deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster allowing an attacker who can gain information about the network topolog...
CVE-2018-1279
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports ...
CVE-2018-1279
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports ...
UBUNTU-CVE-2018-1279
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports ...
CVE-2018-1279
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports ...
CVE-2018-1279
CVE-2018-1279 affects Pivotal RabbitMQ for PCF, all versions. The root cause is a deterministically generated authentication cookie that is shared across all nodes in a multi-tenant cluster. A remote attacker who can glean information about the network topology can guess this cookie and, if they ...