Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 3:51 a.m.10 views

CVE-2024-33470

An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to credentials in plaintext via a passback attack. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

4.9CVSS7AI score0.0024EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/24 3:3 p.m.9 views

CVE-2024-33470

An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to credentials in plaintext via a passback attack. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

7AI score0.0024EPSS
Exploits0References1
CVE
CVE
added 2024/05/24 3:3 p.m.92 views

CVE-2024-33470

The CVE-2024-33470 entry affects AVTECH Room Alert 4E v4.4.0, with a root cause in the SMTP Email Settings that can expose credentials in plaintext via a passback attack. The issue is documented across multiple sources (including PT-2024-25275) and is tied to products that are no longer supported...

4.9CVSS7AI score0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/24 12:0 a.m.7 views

PT-2024-25275 · Avtech · Avtech Room Alert 4E

Name of the Vulnerable Software and Affected Versions: AVTECH Room Alert 4E version 4.4.0 Description: An issue in the SMTP Email Settings allows attackers to gain access to credentials in plaintext via a passback attack. This issue only affects products that are no longer supported by the...

4.9CVSS7.2AI score0.0024EPSS
Exploits0References2
NVD
NVD
added 2023/09/27 3:19 p.m.45 views

CVE-2023-4505

The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 1.2.3. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative...

4.9CVSS3.9AI score0.00721EPSS
Exploits2References4
OSV
OSV
added 2023/09/27 3:19 p.m.6 views

CVE-2023-4505

The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 1.2.3. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative...

4.9CVSS6.5AI score0.00721EPSS
Exploits2References3
Prion
Prion
added 2023/09/27 3:19 p.m.10 views

Input validation

The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 1.2.3. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative...

3.3CVSS5.2AI score0.00721EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/26 1:51 a.m.7 views

CVE-2023-4506 Active Directory Integration / LDAP Integration <= 4.1.10 - LDAP Passback

The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 4.1.10. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative access an...

2.2CVSS6.6AI score0.00721EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2023/09/26 1:51 a.m.5 views

CVE-2023-4505

The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 1.2.3. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative...

2.2CVSS4.9AI score0.00721EPSS
Exploits2References3
Cvelist
Cvelist
added 2023/09/26 1:51 a.m.59 views

CVE-2023-4506 Active Directory Integration / LDAP Integration <= 4.1.10 - LDAP Passback

The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 4.1.10. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative access an...

2.2CVSS6.5AI score0.00721EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/09/26 1:51 a.m.46 views

CVE-2023-4505 Staff / Employee Business Directory for Active Directory <= 1.2.3 - Authenticated (Admin+) LDAP Passback

The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 1.2.3. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative...

2.2CVSS5.3AI score0.00721EPSS
Exploits2References4
WPVulnDB
WPVulnDB
added 2023/09/26 12:0 a.m.7 views

Staff / Employee Business Directory for Active Directory < 1.3 - Admin LDAP Credentials Retrieval

Description The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 1.2.3. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with...

4.9CVSS6.3AI score0.00721EPSS
Exploits2Affected Software1
Rows per page
Query Builder