Cloudcnm Secumanager Security Vulnerabilities and Issues — Cloudcnm Secumanager CVE List

Lucene search

ZyxelCloudcnm Secumanager

22 matches found

CVE•added 2022/09/29 3:15 a.m.•1634 views

CVE-2020-15345

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_instances_for_update API.

5.3CVSS5.4AI score0.00423EPSS

CVE•added 2022/09/29 3:15 a.m.•1630 views

CVE-2020-15344

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_user_id_and_key API.

5.3CVSS5.4AI score0.00437EPSS

CVE•added 2022/09/29 3:15 a.m.•1622 views

CVE-2020-15343

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.

5.3CVSS5.4AI score0.00437EPSS

CVE•added 2022/09/29 3:15 a.m.•1615 views

CVE-2020-15342

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user API.

5.3CVSS5.4AI score0.00373EPSS

CVE•added 2022/09/29 3:15 a.m.•1534 views

CVE-2020-15346

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.

5.3CVSS5.3AI score0.00547EPSS

CVE•added 2020/06/29 4:15 p.m.•33 views

CVE-2020-15317

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree.

5.9CVSS5.8AI score0.00286EPSS

CVE•added 2020/06/29 4:15 p.m.•33 views

CVE-2020-15318

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree.

5.9CVSS5.8AI score0.00286EPSS

CVE•added 2022/09/29 3:15 a.m.•33 views

CVE-2020-15330

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APP_KEY in /opt/axess/etc/default/axess.

5.3CVSS5.3AI score0.00343EPSS

CVE•added 2022/09/29 3:15 a.m.•32 views

CVE-2020-15337

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /registerCpe requests.

5.3CVSS5.4AI score0.00492EPSS

CVE•added 2020/06/29 3:15 p.m.•31 views

CVE-2020-15312

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account.

5.9CVSS5.8AI score0.00286EPSS

CVE•added 2020/06/29 4:15 p.m.•31 views

CVE-2020-15316

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree.

5.9CVSS5.8AI score0.00286EPSS

CVE•added 2022/09/29 3:15 a.m.•31 views

CVE-2020-15328

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions.

5.3CVSS5.3AI score0.00492EPSS

CVE•added 2022/09/29 3:15 a.m.•30 views

CVE-2020-15334

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file.

5.3CVSS5.5AI score0.00585EPSS

CVE•added 2022/09/29 3:15 a.m.•30 views

CVE-2020-15338

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests.

5.3CVSS5.4AI score0.00492EPSS

CVE•added 2020/06/29 3:15 p.m.•29 views

CVE-2020-15313

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account.

5.9CVSS5.8AI score0.00286EPSS

CVE•added 2020/06/29 4:15 p.m.•29 views

CVE-2020-15315

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree.

5.9CVSS5.8AI score0.00286EPSS

CVE•added 2020/06/29 4:15 p.m.•29 views

CVE-2020-15319

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree.

5.9CVSS5.8AI score0.00286EPSS

CVE•added 2022/09/29 3:15 a.m.•29 views

CVE-2020-15326

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem.

5.3CVSS5.3AI score0.00559EPSS

CVE•added 2022/09/29 3:15 a.m.•29 views

CVE-2020-15333

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows attackers to discover accounts via MySQL "select * from Administrator_users" and "select * from Users_users" requests.

5.3CVSS5.2AI score0.00918EPSS

CVE•added 2020/06/29 3:15 p.m.•28 views

CVE-2020-15314

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account.

5.9CVSS5.8AI score0.00286EPSS

CVE•added 2022/09/29 3:15 a.m.•27 views

CVE-2020-15325

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication.

5.3CVSS5.3AI score0.00343EPSS

CVE•added 2022/09/29 3:15 a.m.•24 views

CVE-2020-15329

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions.

5.3CVSS5.3AI score0.00492EPSS