Search Results | AttackerKB

Show filters

Topics 12 Users 9,714

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

12 Total Results

Displaying 1-10 of 12

Attacker Value

Unknown

CVE-2019-9202

Disclosure Date: March 28, 2019 (last updated November 27, 2024)

Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-9204

Disclosure Date: March 28, 2019 (last updated November 27, 2024)

SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers to execute arbitrary SQL commands.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-9203

Disclosure Date: March 28, 2019 (last updated November 27, 2024)

Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2017-1724

Disclosure Date: April 26, 2018 (last updated November 26, 2024)

IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134814.

0

Attacker Value

Unknown

CVE-2017-1723

Disclosure Date: April 26, 2018 (last updated November 26, 2024)

IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 134812.

0

Attacker Value

Unknown

CVE-2016-9723

Disclosure Date: March 07, 2017 (last updated November 26, 2024)

IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999534.

0

Attacker Value

Unknown

CVE-2016-9727

Disclosure Date: March 07, 2017 (last updated November 26, 2024)

IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference #: 1999542.

0

Attacker Value

Unknown

CVE-2016-9720

Disclosure Date: March 07, 2017 (last updated November 26, 2024)

IBM QRadar 7.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM Reference #: 1999533.

0

Attacker Value

Unknown

CVE-2017-1133

Disclosure Date: March 07, 2017 (last updated November 26, 2024)

IBM QRadar 7.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999534.

0

Attacker Value

Unknown

CVE-2016-9726

Disclosure Date: March 07, 2017 (last updated November 26, 2024)

IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM Reference #: 1999542.

0