77 matches found
CVE-2023-22890
SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition...
CVE-2023-22889
SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users...
CVE-2023-22892
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances...
CVE-2023-22891
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts...
Information disclosure
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances...
Race condition
SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition...
Design/Logic Flaw
SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users...
Privilege escalation
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts...
PT-2023-18755 · Smartbear · Smartbear Zephyr Enterprise
Name of the Vulnerable Software and Affected Versions: SmartBear Zephyr Enterprise versions through 7.15.0 Description: The issue is a privilege escalation vulnerability that could be exploited by authorized users to reset passwords for other accounts. Recommendations: For SmartBear Zephyr...
CVE-2023-22891
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts...
CVE-2023-22892
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances...
PT-2023-18752 · Smartbear · Smartbear Zephyr Enterprise
Name of the Vulnerable Software and Affected Versions: SmartBear Zephyr Enterprise versions prior to 7.15.1 Description: The issue is related to the mishandling of user-defined input during report generation, which could lead to remote code execution by unauthenticated users. Recommendations: For...
CVE-2023-22890
CVE-2023-22890 affects SmartBear Zephyr Enterprise up to version 7.15.0. The vulnerability allows unauthenticated users to upload large files, which can exhaust local drive space and cause a denial of service. The provided documents confirm the affected product and the exploit scenario (untrusted...
CVE-2023-22891
CVE-2023-22891 maps to a privilege-escalation in SmartBear Zephyr Enterprise up to version 7.15.0. Multiple sources indicate that authorized users could reset passwords for other accounts, enabling elevation of privileges with high impact (I/H, A/H, network vector). Publicly disclosed details are...
CVE-2023-22890
SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition...
CVE-2023-22889
SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users...
CVE-2023-22892
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances...
CVE-2023-22889
SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users...
CVE-2023-22892
CVE-2023-22892 : In SmartBear Zephyr Enterprise up to version 7.15.0, there exists an information disclosure vulnerability that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances. The provided documents confirm the affected product and the unauthenticated ac...
CVE-2023-22890
SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition...