Lucene search
K

31 matches found

Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.10 views

PT-2026-53001

Name of the Vulnerable Software and Affected Versions Fleet DM affected versions not specified Description An issue exists in the global policy read endpoint GET /api/latest/fleet/policies/policy id where authorization is performed against an empty structure with a nil TeamID. This allows the...

4.3CVSS6AI score
Exploits0References4
OSV
OSV
added 2026/06/12 9:0 p.m.7 views

GHSA-X4QR-QW6H-WVXQ Fleet: Observer-level enrollment secret extraction via ORDER BY oracle on Apple MDM commands endpoint

Summary A vulnerability in Fleet's Apple MDM commands listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract sensitive values from joined database tables — including host enrollment secrets and Apple Push Notification Service APNS tokens — through a...

6.5CVSS5.5AI score0.00019EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/12 9:0 p.m.15 views

Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint

Summary A vulnerability in Fleet's labels host-listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract host enrollment secrets nodekey, orbitnodekey through a cursor-based binary search oracle. The endpoint accepted a user-supplied orderkey parameter that w...

5.4AI score0.00032EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/06/12 9:0 p.m.5 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the orderkey parameter in the labels host-listing endpoint. An attacker can extract sensitive enrollment secrets by manipulating the sort order and leveraging a cursor-based binary search oracle. This is only exploitab...

7.1CVSS6AI score0.00032EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/12 9:0 p.m.6 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the orderkey parameter in the labels host-listing endpoint. An attacker can extract sensitive enrollment secrets by manipulating the sort order and leveraging a cursor-based binary search oracle. This is only exploitab...

7.1CVSS6AI score0.00032EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.20 views

PT-2026-49057

Name of the Vulnerable Software and Affected Versions Fleet affected versions not specified Description An issue in the Apple MDM commands listing endpoint allows authenticated users with the Observer role to extract sensitive data from joined database tables, such as host enrollment secrets and...

6.5CVSS5.9AI score0.00019EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-49056

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.85.0 Description Authenticated users with the lowest-privilege Observer role can extract host enrollment secrets, specifically node key and orbit node key, using a cursor-based binary search oracle. The issue exists i...

6.5CVSS5.9AI score0.00032EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/21 9:45 p.m.24 views

CVE-2026-23517 Fleet has an Access Control vulnerability in debug/pprof endpoints

Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...

8.7CVSS0.00246EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/21 9:45 p.m.5 views

CVE-2026-23517 Fleet has an Access Control vulnerability in debug/pprof endpoints

Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view internal server...

8.7CVSS5.5AI score0.00246EPSS
Exploits0References2
CVE
CVE
added 2026/01/21 9:45 p.m.31 views

CVE-2026-23517

Fleet (open source device management software) has a broken access control vulnerability in debug/pprof endpoints that allows any authenticated user, including the lowest-privilege Observer role, to access internal server diagnostics and trigger CPU-intensive profiling operations. This affects ve...

8.7CVSS5.5AI score0.00246EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/14 4:55 p.m.6 views

CVE-2025-20346

A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control RBAC. An attacker...

4.3CVSS6.9AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/14 4:55 p.m.6 views

CVE-2025-20349

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

8.8CVSS7.4AI score0.00354EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/13 6:31 p.m.6 views

EUVD-2025-175338

A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by...

8.8CVSS6.2AI score0.00509EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/13 6:31 p.m.6 views

EUVD-2025-175336

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

6.3CVSS6.9AI score0.00354EPSS
Exploits0References2
OSV
OSV
added 2025/11/13 5:15 p.m.5 views

CVE-2025-20349

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

8.8CVSS6AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 2025/11/13 5:15 p.m.11 views

CVE-2025-20349

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

8.8CVSS0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/13 4:27 p.m.11 views

CVE-2025-20346 Cisco Catalyst Center Privilege Escalation Vulnerability

A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control RBAC. An attacker...

4.3CVSS0.00262EPSS
Exploits0References1
CVE
CVE
added 2025/11/13 4:27 p.m.18 views

CVE-2025-20346

CVE-2025-20346 describes a Cisco Catalyst Center RBAC vulnerability: an authenticated, remote attacker with at least Observer/read-only access can alter policy configurations that should be Administrator‑only. Affected product is Cisco Catalyst Center; exploitation involves logging in and modifyi...

4.3CVSS6.6AI score0.00262EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/13 4:18 p.m.4 views

CVE-2025-20341 Cisco Catalyst Center Privilege Escalation Vulnerability

A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by...

8.8CVSS6.3AI score0.00509EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/13 4:18 p.m.9 views

CVE-2025-20341 Cisco Catalyst Center Privilege Escalation Vulnerability

A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by...

8.8CVSS0.00509EPSS
Exploits0References1
Rows per page
Query Builder