Gravityzone Security Vulnerabilities and Issues — Gravityzone CVE List

Lucene search

BitdefenderGravityzone

5 matches found

CVE•added 2024/06/06 8:15 a.m.•67 views

CVE-2024-4177

A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise.

9.8CVSS8AI score0.00146EPSS

CVE•added 2022/09/05 12:15 p.m.•44 views

CVE-2022-2830

Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an attacker to pass unsafe commands to the environment. This issue affects: Bitdefender GravityZone Console On-Premise versions prior to 6.29.2-1. Bitdefender GravityZone Cl...

9.8CVSS9.3AI score0.00613EPSS

CVE•added 2024/07/31 7:15 a.m.•39 views

CVE-2024-6980

A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise.

9.8CVSS6.4AI score0.00185EPSS

CVE•added 2018/10/24 10:29 p.m.•34 views

CVE-2018-8955

The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changing the filename while leaving the file's digital signature unchanged.

9.8CVSS9.6AI score0.0534EPSS

CVE•added 2021/10/28 2:15 p.m.•33 views

CVE-2021-3823

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249.

9.8CVSS8.6AI score0.00403EPSS