K20059815: iControl REST vulnerability CVE-2020-5943

Security Advisory Description When a BIG-IP object is created or listed through the REST interface, the protected fields are obfuscated in the REST response, not protected via a SecureVault cryptogram as TMSH does. One example of protected fields is the GTM monitor password. CVE-2020-5943 Impact ...

PT-2022-20513 · Kubeedge · Kubeedge

Name of the Vulnerable Software and Affected Versions: KubeEdge versions prior to 1.11.1 KubeEdge versions prior to 1.10.2 KubeEdge versions prior to 1.9.4 Description: The CloudCore Router in KubeEdge does not impose a limit on the size of responses to requests made by the REST handler, allowing...

Information Disclosure

guacamole-common is vulnerable to information disclosure. The vulnerability exists due to the incorrectly included private tunnel identifier in non-private details of some REST responses, allowing an authenticated attacker to interact with another user's active session...

CVE-2021-41767

Apache Guacamole 1.3.0 and older may incorrectly include a private tunnel identifier in the non-private details of some REST responses. This may allow an authenticated user who already has permission to access a particular connection to read from or interact with another user's active use of that...

PT-2022-11481 · Apache +1 · Apache Guacamole +1

Name of the Vulnerable Software and Affected Versions: Apache Guacamole versions 1.3.0 and older Description: The issue allows an authenticated user who already has permission to access a particular connection to potentially read from or interact with another user's active use of that same...