41 matches found
EUVD-2020-5674
Malware in sbrugna...
EUVD-2020-5672
Malware in sbrugna...
EUVD-2020-5675
Malware in sbrugna...
EUVD-2020-5673
Malware in sbrugna...
EUVD-2020-5676
Malware in sbrugna...
OpenIAM Access Control Error Vulnerability
OpenIAM is a fully integrated identity and access management platform. Vulnerabilities exist in OpenIAM versions prior to 4.2.0.3 due to access control errors in the "Create User", "Modify User Privileges" and "Password Reset" operations. No details of the vulnerabilities are available at this ti...
OpenIAM Improper Privilege Control Vulnerability
OpenIAM is a fully integrated identity and access management platform. A privilege control impropriety vulnerability exists in OpenIAM versions prior to 4.2.0.3. The vulnerability stems from OpenIAM not verifying that a user has permission to perform /webconsole/rest/api/ administrative operation...
OpenIAM Remote Code Execution Vulnerability
OpenIAM is a fully integrated identity and access management platform. A remote code execution vulnerability exists in OpenIAM versions prior to 4.2.0.3. An attacker can exploit this vulnerability to execute arbitrary code via Groovy Script...
OpenIAM Cross-Site Scripting Vulnerability
OpenIAM is a fully integrated identity and access management platform. A cross-site scripting vulnerability exists in the "Add New User" feature in OpenIAM versions prior to 4.2.0.3. No details of the vulnerability are available at this time...
OpenIAM Directory Traversal Vulnerability
OpenIAM is a fully integrated identity and access management platform. A directory traversal vulnerability exists in batch tasks in versions of OpenIAM prior to 4.2.0.3. No detailed vulnerability details are provided at this time...
CVE-2020-13421
OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions...
CVE-2020-13420
OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy Script...
CVE-2020-13422
OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/ administrative actions...
CVE-2020-13421
OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions...
CVE-2020-13420
OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy Script...
CVE-2020-13422
OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/ administrative actions...
CVE-2020-13419
OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task...
CVE-2020-13418
OpenIAM before 4.2.0.3 allows XSS in the Add New User feature...
CVE-2020-13419
OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task...
CVE-2020-13418
OpenIAM before 4.2.0.3 allows XSS in the Add New User feature...