Mender@* Security Vulnerabilities and Issues — Mender@* CVE List | Vulners.com

Lucene search

K

Northern.techMender*

5 matches found

CVE•added 2022/04/28 8:15 p.m.•516 views

CVE-2022-29555

The Deviceconnect microservice through 1.3.0 in Northern.tech Mender Enterprise before 3.2.2. allows Cross-Origin Websocket Hijacking.

8.8CVSS8.6AI score0.00123EPSS

CVE•added 2024/11/08 4:15 p.m.•56 views

CVE-2024-46948

Northern.tech Mender before 3.6.5 and 3.7.x before 3.7.5 has Incorrect Access Control.

5.3CVSS7.1AI score0.00069EPSS

CVE•added 2024/11/08 4:15 p.m.•51 views

CVE-2024-46947

Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF.

6.5CVSS7AI score0.00079EPSS

CVE•added 2024/06/03 6:15 p.m.•43 views

CVE-2024-37019

Northern.tech Mender Enterprise before 3.6.4 and 3.7.x before 3.7.4 has Weak Authentication.

9.8CVSS7.2AI score0.00327EPSS

CVE•added 2024/06/20 5:15 p.m.•38 views

CVE-2022-45929

Northern.tech Mender 3.3.x before 3.3.2, 3.5.x before 3.5.0, and 3.6.x before 3.6.0 has Incorrect Access Control and allows users to change their roles and could allow privilege escalation from a low-privileged read-only user to a high-privileged user.

8.8CVSS7.2AI score0.00162EPSS