15 matches found
CVE-2023-43029
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...
Vulnerability fixed in NetApp SnapCenter
NetApp has fixed a vulnerability in SnapCenter Specifically for versions earlier than 6.0.1P1 and 6.1P1. The vulnerability is in the way SnapCenter handles authenticated users. This allows authenticated users to gain administrative access on remote systems equipped with the SnapCenter plug-in. Th...
CVE-2023-43029
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...
CVE-2023-43029
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...
CVE-2023-43029 IBM Storage Virtualize vSphere Remote Plug-in information disclosure
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...
CVE-2023-43029
CVE-2023-43029 affects IBM Storage Virtualize vSphere Remote Plug-in (versions 1.0 and 1.1). Root cause described in IBM security bulletin: credentials used for vSphere admin and registration may be exposed in the plugin support package after deployment, enabling a remote user to obtain sensitive...
IBM Storage Virtualize vSphere Remote Plug-in 安全漏洞
IBM Storage Virtualize vSphere Remote Plug-in is a vSphere remote plug-in for storage virtualization from International Business Machines IBM. It can be used to remotely manage and configure IBM Storage Virtualization resources. A security vulnerability exists in IBM Storage Virtualize vSphere...
SUSE CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...
Important: nrpe
Issue Overview: Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash. Affected Packages: nrpe Issue Correction: Run yum update nrpe...
NRPE metacharacter filtering omission (important)
NRPE the Nagios Remote Plug-In Executor allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as checkhttp, to execute...