Page 2 of 519 results (0.008 seconds)

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

The vulnerability allows an unauthenticated attacker to read arbitrary information from the database. La vulnerabilidad permite a un atacante no autenticado leer información arbitraria de la base de datos. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678 •

CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0

The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions. La vulnerabilidad permite a un usuario malicioso de PAM con pocos privilegios realizar acciones relacionadas con la actualización del servidor. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678 •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint. La vulnerabilidad permite a un atacante eludir los requisitos de autenticación para un endpoint PAM específico. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678 • CWE-306: Missing Authentication for Critical Function •

CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file. Esta vulnerabilidad permite a un atacante no autenticado lograr la ejecución remota de comandos en el sistema PAM afectado cargando un archivo de actualización de PAM especialmente manipulado. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0

An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request. Una validación de entrada incorrecta permite que un atacante no autenticado logre la ejecución remota de comandos en el sistema PAM afectado enviando una solicitud HTTP especialmente manipulada. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678 • CWE-665: Improper Initialization •