Skybox Manager Client Application Security Vulnerabilities and Issues — Skybox Manager Client Application CVE List

Lucene search

SkyboxsecuritySkybox Manager Client Application

4 matches found

CVE•added 2017/10/03 1:29 a.m.•38 views

CVE-2017-14770

Skybox Manager Client Application prior to 8.5.501 is prone to an information disclosure vulnerability of user password hashes. A local authenticated attacker can access the password hashes in a debugger-pause state during the authentication process.

5.5CVSS5.3AI score0.00163EPSS

CVE•added 2017/10/03 1:29 a.m.•37 views

CVE-2017-14771

Skybox Manager Client Application prior to 8.5.501 is prone to an arbitrary file upload vulnerability due to insufficient input validation of user-supplied files path when uploading files via the application. During a debugger-pause state, a local authenticated attacker can upload an arbitrary file...

5.5CVSS5.4AI score0.00124EPSS

CVE•added 2017/10/03 1:29 a.m.•36 views

CVE-2017-14772

Skybox Manager Client Application is prone to information disclosure via a username enumeration attack. A local unauthenticated attacker could exploit the flaw to obtain valid usernames, by analyzing error messages upon valid and invalid account login attempts.

3.3CVSS3.8AI score0.00262EPSS

CVE•added 2017/10/03 1:29 a.m.•34 views

CVE-2017-14773

Skybox Manager Client Application prior to 8.5.501 is prone to an elevation of privileges vulnerability during authentication of a valid user in a debugger-pause state. The vulnerability can only be exploited by a local authenticated attacker.

7.8CVSS7.5AI score0.00156EPSS