3 results (0.012 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry Workspaces Server (deployed with Appliance-X) version(s) 10.1, 9.1 and earlier could allow an attacker to potentially gain access to the application in the context of the targeted user’s account. Una vulnerabilidad de omisión de autenticación en el componente SAML Authentication de BlackBerry Workspaces Server (implementado con Appliance-X) versiones(s) 10.1, 9.1 y anteriores, podría permitir a un atacante conseguir acceso a la aplicación en el contexto de la cuenta del usuario objetivo • https://support.blackberry.com/kb/articleDetail?articleNumber=000078926 • CWE-287: Improper Authentication •

CVSS: 6.5EPSS: 97%CPEs: 13EXPL: 7

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users. Se descubrió un problema en SaltStack Salt versiones anteriores a la versión 2019.2.4 y versiones 3000 anteriores a 3000.2. La clase ClearFuncs del proceso Salt-master permite acceder a algunos métodos que sanean inapropiadamente las rutas. • https://www.exploit-db.com/exploits/48421 https://github.com/ssrsec/CVE-2020-11651-CVE-2020-11652-EXP https://github.com/Al1ex/CVE-2020-11652 https://github.com/limon768/CVE-2020-11652-POC https://github.com/fanjq99/CVE-2020-11652 https://github.com/appcheck-ng/salt-rce-scanner-CVE-2020-11651-CVE-2020-11652 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00047.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00070.html http://packetstormsecurit • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 97%CPEs: 38EXPL: 18

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. • https://www.exploit-db.com/exploits/49039 https://www.exploit-db.com/exploits/48143 https://github.com/sgdream/CVE-2020-1938 https://github.com/xindongzhuaizhuai/CVE-2020-1938 https://github.com/laolisafe/CVE-2020-1938 https://github.com/sv3nbeast/CVE-2020-1938-Tomact-file_include-file_read https://github.com/fairyming/CVE-2020-1938 https://github.com/dacade/CVE-2020-1938 https://github.com/Hancheng-Lei/Hacking-Vulnerability-CVE-2020-1938-Ghostcat https://github.com/w4fz5uck5& • CWE-285: Improper Authorization •