Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Cfengine Security Vulnerabilities - 2023

cve
cve

CVE-2023-26560

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials.

6.5CVSS

6AI Score

0.001EPSS

2023-04-26 12:15 AM
25
cve
cve

CVE-2023-45684

Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. The fixed versions are 3.18.6 and 3.21.3. The earliest affected version is 3.6.0. The issue is in the Mission Portal login page in the CFEngine hub.

7.5CVSS

7.6AI Score

0.001EPSS

2023-11-14 03:15 PM
13