12 matches found
EUVD-2018-8308
Malware in sbrugna...
CVE-2018-16497
In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. If the job is run as the user root, there is a potential privilege escalation vulnerability. In this case, the job runs a script as root that is writable by users who a...
CVE-2019-25030
In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage. Popular hashing algorithms based on the Merkle-Damgardconstruction such as MD5 and SHA-1 alone are insufficient in thwarting password...
CVE-2018-16497
In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. If the job is run as the user root, there is a potential privilege escalation vulnerability. In this case, the job runs a script as root that is writable by users who a...
Privilege escalation
In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. If the job is run as the user root, there is a potential privilege escalation vulnerability. In this case, the job runs a script as root that is writable by users who a...
Design/Logic Flaw
In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage. Popular hashing algorithms based on the Merkle-Damgardconstruction such as MD5 and SHA-1 alone are insufficient in thwarting password...
CVE-2018-16497
In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. If the job is run as the user root, there is a potential privilege escalation vulnerability. In this case, the job runs a script as root that is writable by users who a...
CVE-2018-16497
CVE-2018-16497 describes a privilege escalation in Versa Analytics where cron jobs execute commands at set times. If a cron job runs as root and the script it executes is writable by members of the versa group, a non-root user could modify the script to execute with root privileges. The vulnerabi...
CVE-2019-25030
CVE-2019-25030 affects Versa Director, Versa Analytics and VOS. Passwords were stored without an adaptive hash or KDF, using Merkle-Damgard-based algorithms (e.g., MD5/SHA-1), enabling rainbow-table based cracking. The connected documents indicate the mitigation is to hash with adaptive algorithm...
CVE-2019-25030
In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage. Popular hashing algorithms based on the Merkle-Damgardconstruction such as MD5 and SHA-1 alone are insufficient in thwarting password...
Versa Networks Versa Director 安全漏洞
Versa Director is Versa Networks' virtualization and service creation platform Versa Networks has a security vulnerability that stems from passwords in Versa Director, Versa Analytics, and VOS not being processed with an adaptive cryptographic hash function or key derivation function before being...
Versa Analytics 安全漏洞
Versa Analytics is a virtualization and service creation platform Versa Analytics has a security vulnerability that stems from Cron Jobs being used to schedule tasks by executing commands at specific dates and times on the server. The privilege escalation vulnerability may exist if Cron Jobs is r...