Lucene search
K
SkyboxsecuritySkybox Manager Client Application

4 matches found

CVE
CVE
added 2017/10/02 9:0 p.m.48 views

CVE-2017-14771

The CVE concerns the Skybox Manager Client Application (pre-8.5.501). It describes an arbitrary file upload vulnerability caused by insufficient input validation of user-supplied file paths during uploads. A local authenticated attacker can upload arbitrary files and overwrite existing files with...

5.5CVSS5.4AI score0.00286EPSS
CVE
CVE
added 2017/10/02 9:0 p.m.47 views

CVE-2017-14770

Skybox Manager Client Application (affected versions prior to 8.5.501) contains an information disclosure vulnerability in the authentication process. A local authenticated attacker could access user password hashes while the process is paused in a debugger during authentication. This is document...

5.5CVSS5.3AI score0.00338EPSS
CVE
CVE
added 2017/10/02 9:0 p.m.45 views

CVE-2017-14772

The CVE-2017-14772 entry concerns Skybox Manager Client Application. It describes a local, unauthenticated information-disclosure issue where an attacker can enumerate valid usernames by analyzing error messages during login attempts. The root cause is information leakage via login error handling...

3.3CVSS3.8AI score0.00303EPSS
CVE
CVE
added 2017/10/02 9:0 p.m.43 views

CVE-2017-14773

Skybox Manager Client Application (before 8.5.501) has an elevation of privileges vulnerability during authentication in a debugger-pause state. Exploitation requires a local authenticated attacker. Root cause details are not further specified in the provided documents. Remediation: upgrade to ve...

7.8CVSS7.5AI score0.00374EPSS