Lucene search
K

31 matches found

Cvelist
Cvelist
added 2024/09/16 5:48 a.m.26 views

CVE-2024-8778 The SYSCOM Group OMFLOW - Arbitrary File Read

OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality, allowing remote attackers with regular privileges to read arbitrary system files...

6.5CVSS0.00599EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/16 5:44 a.m.21 views

CVE-2024-8777 The SYSCOM Group OMFLOW - Information Leakage

OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized remote attackers to read arbitrary system configurations. If LDAP authentication is enabled, attackers can obtain plaintext credentials...

7.5CVSS7.1AI score0.00543EPSS
Exploits0References2
CVE
CVE
added 2024/09/16 5:44 a.m.28 views

CVE-2024-8777

CVE-2024-8777 concerns OMFLOW from The SYSCOM Group, where an information leakage vulnerability could allow unauthorized remote attackers to read arbitrary system configurations. The issue may be exposed via network access with low attack complexity and no privileges required, with the impact on ...

7.5CVSS7.6AI score0.00543EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/09/16 5:44 a.m.33 views

CVE-2024-8777 The SYSCOM Group OMFLOW - Information Leakage

OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized remote attackers to read arbitrary system configurations. If LDAP authentication is enabled, attackers can obtain plaintext credentials...

7.5CVSS0.00543EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/16 12:0 a.m.5 views

SYSCOM OMFLOW 信息泄露漏洞

SYSCOM OMFLOW is an information maintenance management system of SYSCOM China. An information disclosure vulnerability exists in SYSCOM OMFLOW versions 1.1.6.0 through 1.2.1.2, which stems from the presence of an information disclosure vulnerability that could allow an unauthorized, remote attack...

7.5CVSS6.3AI score0.00543EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/09/16 12:0 a.m.4 views

SYSCOM OMFLOW 信息泄露漏洞

SYSCOM OMFLOW is an information maintenance management system from SYSCOM China. An information disclosure vulnerability exists in SYSCOM OMFLOW versions 1.1.6.0 through 1.2.1.2, which stems from not properly limiting the query scope of its data query function, allowing a remote attacker with...

6.5CVSS6.4AI score0.00436EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/09/16 12:0 a.m.5 views

SYSCOM OMFLOW 安全漏洞

SYSCOM OMFLOW is an information maintenance management system from SYSCOM China. A security vulnerability exists in SYSCOM OMFLOW versions 1.1.6.0 through 1.2.1.2, which originates from user input that is not properly validated for the download function, allowing remote attackers with regular...

6.5CVSS6.6AI score0.00599EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/09/16 12:0 a.m.3 views

SYSCOM OMFLOW 安全漏洞

SYSCOM OMFLOW is an information maintenance management system of the Chinese company SYSCOM. A security vulnerability exists in SYSCOM OMFLOW versions 1.1.6.0 through 1.2.1.2, which originates from improperly restricting access to the system settings modification feature, allowing remote attacker...

8.8CVSS6.9AI score0.00544EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/09/15 12:0 a.m.3 views

PT-2024-39245 · Syscom · Omflow

Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue allows remote attackers with regular privileges to update system settings or create accounts with administrator privileges, thereby gaining control of the...

8.8CVSS7.2AI score0.00544EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2024/09/15 12:0 a.m.8 views

PT-2024-39244 · Syscom · Omflow

Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue is related to the download functionality in OMFLOW, which does not properly validate user input. This allows remote attackers with regular privileges to read...

6.5CVSS7AI score0.00599EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/09/15 12:0 a.m.5 views

PT-2024-39246 · Syscom · Omflow

Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue is related to the data query functionality in OMFLOW, which does not properly restrict the query range. This allows remote attackers with regular privileges t...

6.5CVSS7AI score0.00436EPSS
Exploits0References7
Rows per page
Query Builder