Lucene search
+L
OpservicesOpmon

5 matches found

cve
cve
added 2020/01/07 8:49 p.m.84 views

CVE-2020-5841

The CVE-2020-5841 entry relates to OpServices OpMon 9.3.1-1. An attacker could perform SQL injection without authentication by manipulating password change parameters, due to improper input handling. This affects the OpMon component and enables access to sensitive database information. The public...

9.8CVSS9.8AI score0.01236EPSS
cve
cve
added 2022/04/08 7:57 p.m.71 views

CVE-2021-43009

CVE-2021-43009 is an XSS vulnerability in OpServices OpMon up to version 9.11, exploitable via the search parameter in the request URL. The CVE entry notes a client-side script execution due to unescaped input, with multiple public references documenting PoCs and exploitation examples (e.g., payl...

6.1CVSS5.9AI score0.02293EPSS
Web
cve
cve
added 2020/02/06 4:31 p.m.52 views

CVE-2020-7954

OpServices OpMon 9.3.2 is affected. The issue allows privilege escalation from the apache user due to a misconfigured sudoers file that by default permits passwordless execution of certain programs (e.g., nmap). Root cause: incorrect sudoers configuration in the server. Impact: local privilege es...

7.8CVSS7.9AI score0.00384EPSS
cve
cve
added 2020/02/06 4:26 p.m.51 views

CVE-2020-7953

CVE-2020-7953 affects OpServices OpMon 9.3.2. The issue allows reading server files (e.g., /etc/passwd) without authentication due to the use of nmap -iL (input file) option. Multiple connected sources (including Red Hat and CNVD entries) corroborate this description. The vulnerability impacts co...

7.5CVSS7.3AI score0.01165EPSS
cve
cve
added 2020/02/06 4:49 p.m.47 views

CVE-2020-8636

CVE-2020-8636 affects OpServices OpMon 9.3.2. The issue enables Remote Code Execution with a CVSS v3.1 base score of 9.8 (NETWORK, NONE/LOW complexity, no user interaction). Exploitation details are not provided in the documents; no remediation or patch information is listed. Exploitation status ...

10CVSS9.6AI score0.04014EPSS