Showing topics marked with the following tags:

(10 of 96)

Sort by:
Attacker Value
Moderate

CVE-2020-3158

Disclosure Date: February 20, 2020 (last updated March 10, 2020)
A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator. An attacker could exploit this vulnerability by using this default account to connect to the affected system. A successful exploit could allow the attacker to obtain read and write access to system data, including the configuration of an affected device. The attacker would gain access to a sensitive portion of the system, but the attacker would not have full administrative rights to control the device.
Attack Vector: Network
0
Attacker Value
High

CVE-2019-5021

Disclosure Date: May 08, 2019 (last updated February 13, 2020)
Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux container which utilize Linux PAM, or some other mechanism which uses the system shadow file as an authentication database, may accept a NULL password for the `root` user.
0
Attacker Value
High

CVE-2019-17388

Disclosure Date: March 28, 2019 (last updated March 10, 2020)
Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications.
Attack Vector: Local
0
Attacker Value
Moderate
The windows task scheduler allows a split token administrator to register a task which runs as a batch job from a limited privilege context. This doesn't require a user's password to accomplish as the task will be run non-interactively and so doesn't need access to the password in order to access remote resources. Due to the way that batch logons work in the latest versions of Windows for a split token admin user this actually creates the fully privileged token to execute the task under.
Utility Class: Privilege Escalation
0
Attacker Value
High

CVE-2019-9627

Disclosure Date: March 08, 2019 (last updated March 10, 2020)
A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path.
Attack Vector: Local
0
Attacker Value
Very Low

Unknown iOS Mail.App RCE ZecOps

Last updated May 13, 2020
To quote the Reuters report: "To execute the hack, Avraham said victims would be sent an apparently blank email message through the Mail app forcing a crash and reset. The crash opened the door for hackers to steal other data on the device, such as photos and contact details." So, it sounds like a font or other kind of render thing in Mail.App. No clicks required other than opening the email.
Utility Class: RCE
2
Attacker Value
Very High

CVE-2016-1561

Disclosure Date: April 21, 2017 (last updated May 30, 2020)
ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorized_keys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image.
Attack Vector: Network
0
Attacker Value
High

CVE-2020-4429

Disclosure Date: April 21, 2020 (last updated May 30, 2020)
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534.
Attack Vector: Network
0
Attacker Value
Moderate

CVE-2020-8644

Disclosure Date: February 05, 2020 (last updated May 30, 2020)
PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.
Attack Vector: Network
0
Attacker Value
Moderate

CVE-2019-10692

Disclosure Date: April 02, 2019 (last updated May 30, 2020)
In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.
Attack Vector: Network
0