TufinSecuretrack

7 matches found

CVE | added 2019/06/19 4:15 p.m. | 64 views

CVE-2018-18406

An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a special payload inside the xml input field. The XXE vulnerability is blind since the response doe...

CVSS 9.9 | AI score 6.7 | EPSS 0.00729

CVE | added 2021/02/09 5:15 a.m. | 50 views

CVE-2020-13460

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities were present in Tufin SecureTrack, affecting all versions prior to R20-2 GA.

CVSS 8.8 | AI score 8.9 | EPSS 0.00141

CVE | added 2021/02/09 5:15 a.m. | 48 views

CVE-2020-13461

Username enumeration is present in Tufin SecureTrack. It affects all versions of SecureTrack. The vendor has decided not to fix this vulnerability. Vendor's response: "This attack requires access to the internal network. If an attacker is part of the internal network, they do not require access...

CVSS 4.3 | AI score 4.6 | EPSS 0.00076

CVE | added 2021/02/09 5:15 a.m. | 47 views

CVE-2020-13408

Tufin SecureTrack

CVSS 5.9 | AI score 5.4 | EPSS 0.00151

CVE | added 2021/02/09 5:15 a.m. | 46 views

CVE-2020-13409

Tufin SecureTrack

CVSS 5.9 | AI score 5.4 | EPSS 0.00151

CVE | added 2021/02/09 6:15 a.m. | 45 views

CVE-2020-13462

Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange, affecting all versions prior to R20-2 GA. Fixed in version R20-2 GA.

CVSS 5.7 | AI score 5.5 | EPSS 0.00079

CVE | added 2021/02/09 5:15 a.m. | 41 views

CVE-2020-13407

Tufin SecureTrack

CVSS 5.9 | AI score 5.4 | EPSS 0.00151