EUVD-2024-31627

Malicious code in bioql PyPI...

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

UBUNTU-CVE-2024-3019

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

PT-2024-2710 · Cockpit +9 · Cockpit +9

Name of the Vulnerable Software and Affected Versions: Performance Co-Pilot PCP versions 4.3.4 and newer Description: The issue is related to the pmproxy component of the Performance Co-Pilot PCP software, which is used for monitoring and visualizing performance. It involves the exposure of...