Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown

CVE-2023-27247

Disclosure Date: March 28, 2023 (last updated October 08, 2023)
Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens.
Attack Vector: LocalPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-27969

Disclosure Date: September 08, 2022 (last updated October 08, 2023)
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy users via a crafted GET request sent to /WebApp/DeceptionUser/GetAllDeceptionUsers.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-27968

Disclosure Date: September 08, 2022 (last updated October 08, 2023)
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-27967

Disclosure Date: September 08, 2022 (last updated October 08, 2023)
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0