Securetrack Security Vulnerabilities and Issues — Securetrack CVE List

Lucene search

TufinSecuretrack

7 matches found

CVE•added 2019/06/19 4:15 p.m.•64 views

CVE-2018-18406

An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a special payload inside the xml input field. The XXE vulnerability is blind since the response doe...

9.9CVSS6.7AI score0.00729EPSS

CVE•added 2021/02/09 5:15 a.m.•50 views

CVE-2020-13460

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities were present in Tufin SecureTrack, affecting all versions prior to R20-2 GA.

8.8CVSS8.9AI score0.00141EPSS

CVE•added 2021/02/09 5:15 a.m.•48 views

CVE-2020-13461

Username enumeration in present in Tufin SecureTrack. It's affecting all versions of SecureTrack. The vendor has decided not to fix this vulnerability. Vendor's response: "This attack requires access to the internal network. If an attacker is part of the internal network, they do not require access...

4.3CVSS4.6AI score0.00076EPSS

CVE•added 2021/02/09 5:15 a.m.•47 views

CVE-2020-13408

Tufin SecureTrack

5.9CVSS5.4AI score0.00151EPSS

CVE•added 2021/02/09 5:15 a.m.•46 views

CVE-2020-13409

Tufin SecureTrack

5.9CVSS5.4AI score0.00151EPSS

CVE•added 2021/02/09 6:15 a.m.•45 views

CVE-2020-13462

Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange, affecting all versions prior to R20-2 GA. Fixed in version R20-2 GA.