Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Rapid7Nexpose

3 matches found

CVE
CVEadded 2017/03/02 8:59 p.m.37 views

CVE-2017-5232

All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.

7.8CVSS7.5AI score0.00217EPSS
CVE
CVEadded 2017/03/02 8:59 p.m.36 views

CVE-2017-5230

The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted with a static password of 'r@p1d7k3y5t0r3' which is not modifiable by the user. The keystore provides storage for saved scan credentials in an otherwise secure location on disk.

7.2CVSS7AI score0.00444EPSS
CVE
CVEadded 2020/09/03 2:15 p.m.32 views

CVE-2020-7381

In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during a Security ...

7.8CVSS6.6AI score0.00371EPSS