Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2022-27969

Disclosure Date: September 08, 2022 (last updated October 08, 2023)
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy users via a crafted GET request sent to /WebApp/DeceptionUser/GetAllDeceptionUsers.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-27968

Disclosure Date: September 08, 2022 (last updated October 08, 2023)
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-27967

Disclosure Date: September 08, 2022 (last updated October 08, 2023)
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0