CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38130
https://notcve.org/view.php?id=CVE-2022-38130
The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database file (i.e., \\<attacker-host>\sms\<attacker-db.zip>), effectively controlling the content of the database to be restored. El método com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() es usado para restaurar la base de datos HSQLDB usada en SMS. Toma la ruta del archivo de base de datos comprimido como único parámetro. • https://www.tenable.com/security/research/tra-2022-28 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-38129
https://notcve.org/view.php?id=CVE-2022-38129
A path traversal vulnerability exists in the com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() method in the Keysight Sensor Management Server (SMS). This allows an unauthenticated remote attacker to upload arbitrary files to the SMS host. Se presenta una vulnerabilidad de salto de rutas en el método com.keysight.tentacle.licensing.LicenseManager.addLicenseFile() en Keysight Sensor Management Server (SMS). Esto permite que un atacante remoto no autenticado cargue archivos arbitrarios en el host de SMS • https://www.tenable.com/security/research/tra-2022-28 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 6%CPEs: 4EXPL: 0CVE-2022-1661 – Keysight N6854A Geolocation server and N6841A RF Sensor software
https://notcve.org/view.php?id=CVE-2022-1661
The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files. Los productos afectados son vulnerables a un salto de directorio, lo que puede permitir a un atacante obtener archivos arbitrarios del sistema operativo This vulnerability allows remote attackers to disclose sensitive information on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UserFirmwareRequestHandler class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose files in the context of SYSTEM. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-1660 – Keysight N6854A Geolocation server and N6841A RF Sensor software
https://notcve.org/view.php?id=CVE-2022-1660
The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code. Los productos afectados son vulnerables de datos no confiables debido a la deserialización sin autorización/autenticación previa, lo que puede permitir a un atacante ejecutar remotamente código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of Spring Framework. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-146-01 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-35121
https://notcve.org/view.php?id=CVE-2020-35121
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro. Se detectó un problema en el plugin Keysight Database Connector versiones anteriores a 1.5.0 para Confluence. Un usuario malicioso podría insertar JavaScript arbitrario en los parámetros macro guardados que podrían ejecutarse cuando un usuario visualizaba una página con esa instancia de la macro • https://bitbucket.org/keysight/keysight-plugins-for-atlassian-products/wiki/Confluence%20Plugins/Database%20Plugin •