Lucene search

K

Cynet Security Vulnerabilities

cve

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles.

5.3CVSS

5.3AI Score

0.001EPSS

2022-09-08 04:15 PM

31

8

cve

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles.

5.3CVSS

5.3AI Score

0.001EPSS

2022-09-08 04:15 PM

27

8

cve

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy users via a crafted GET request sent to /WebApp/DeceptionUser/GetAllDeceptionUsers.

5.3CVSS

5.3AI Score

0.001EPSS

2022-09-08 04:15 PM

31

8

cve

Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens.

4.4CVSS

4.8AI Score

0.0004EPSS

2023-03-28 06:15 PM

42