Open-audit@* Security Vulnerabilities and Issues — Open-audit@* CVE List

Lucene search

OpmantekOpen-audit*

3 matches found

CVE•added 2021/01/20 4:15 p.m.•50 views

CVE-2021-3130

Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the credentials are visible.

5.9CVSS5.7AI score0.00627EPSS

CVE•added 2021/12/20 12:15 p.m.•41 views

CVE-2021-44916

Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be executed in the victim's browser.

6.1CVSS5.9AI score0.04458EPSS

CVE•added 2021/12/22 1:15 p.m.•36 views

CVE-2021-40612

An issue was discovered in Opmantek Open-AudIT after 3.5.0. Without authentication, a vulnerability in code_igniter/application/controllers/util.php allows an attacker perform command execution without echoes.

9.8CVSS9.5AI score0.00995EPSS