Lucene search
K

5 matches found

CVE
CVE
added 2024/04/09 10:2 a.m.84 views

CVE-2024-3046

CVE-2024-3046 affects Eclipse Kura’s LogServlet (versions 5.0.0–5.4.1) and the Web2 component (org.eclipse.kura.web2, versions 2.0.600–2.4.0) within Kura 5.0.0–5.4.1. A specifically crafted request to the LogServlet can allow an unauthenticated user to retrieve device logs, and downloaded logs ma...

7.5CVSS7.7AI score0.00576EPSS
CVE
CVE
added 2017/09/11 4:0 p.m.56 views

CVE-2017-7649

The CVE-2017-7649 entry concerns Eclipse Kura (pre-2.1.0) where the distribution handles firewall setup and leaves the Equinox console on port 5002 accessible without credentials. The vulnerability allows login via unencrypted Telnet, with the attacker able to execute commands through the Equinox...

10CVSS9.4AI score0.01647EPSS
CVE
CVE
added 2019/04/09 3:42 p.m.50 views

CVE-2019-10244

CVE-2019-10244 affects Eclipse Kura up to version 4.0.0. The vulnerability points to XXE attacks via the Web UI package and component services, the Artemis simple MQTT component, and the emulator position service (not part of the device distribution) caused by improper factory and parser initiali...

7.5CVSS7.4AI score0.01825EPSS
CVE
CVE
added 2019/04/09 3:42 p.m.48 views

CVE-2019-10243

CVE-2019-10243 affects Eclipse Kura up to v4.0.0. The issue is that Kura exposes the underlying Ui Web server version in its replies, which an attacker could use as a hint to craft targeted attacks against the Kura web server. The provided documents do not specify a fixed version or remediation; ...

5.3CVSS5.1AI score0.01337EPSS
CVE
CVE
added 2019/04/09 3:42 p.m.43 views

CVE-2019-10242

The provided CVE entry applies to Eclipse Kura up to version 4.0.0, where the SkinServlet did not validate the path parameter in GET requests. This could allow path traversal for a limited set of file types. The vulnerability is described without explicit exploitation details or listed fixes in t...

5.3CVSS5.2AI score0.01963EPSS