Page 3 of 16 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication. Se presenta una vulnerabilidad de denegación de servicio no autenticada en Citrix ADC versiones anteriores a 13.0-83.27, versiones anteriores a 12.1-63.22 y 11.1-65.23 que, cuando es configurado como servidor virtual VPN (Gateway) o AAA, podría permitir a un atacante causar una interrupción temporal de la GUI de administración, la API Nitro y la comunicación RPC • https://support.citrix.com/article/CTX330728 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 9.0EPSS: 2%CPEs: 2EXPL: 2

An issue was discovered in CipherMail Community Gateway and Professional/Enterprise Gateway 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger 1.1.1 through 3.1.1-0. Attackers with administrative access to the web interface have multiple options to escalate their privileges to the Unix root account. Se detectó un problema en CipherMail Community Gateway y Professional/Enterprise Gateway versiones 1.0.1 hasta 4.7.1-0 y CipherMail Webmail Messenger versiones 1.1.1 hasta 3.1.1-0. Los atacantes con acceso administrativo a la interfaz web presentan múltiples opciones para escalar sus privilegios a la cuenta root de Unix CipherMail Community Virtual Appliance version 4.6.2 suffers from remote command execution and file injection vulnerabilities. • http://packetstormsecurity.com/files/158001/CipherMail-Community-Virtual-Appliance-4.6.2-Code-Execution.html https://www.ciphermail.com/blog/ciphermail-cve-2020-12713_2020-12714.html https://www.ciphermail.com/gateway.html https://www.ciphermail.com/news.html https://www.ciphermail.com/secure-webmail.html https://www.coresecurity.com/core-labs/advisories/ciphermail-multiple-vulnerabilities • CWE-269: Improper Privilege Management •

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 2

An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger Virtual Appliances 1.1.1 through 3.1.1-0. A Diffie-Hellman parameter of insufficient size could allow man-in-the-middle compromise of communications between CipherMail products and external SMTP clients. Se detectó un problema en CipherMail Community Gateway Virtual Appliances y Professional/Enterprise Gateway Virtual Appliances versiones 1.0.1 hasta 4.7.1-0 y CipherMail Webmail Messenger Virtual Appliances versiones 1.1.1 hasta 3.1.1-0. Un parámetro Diffie-Hellman de tamaño insuficiente podría permitir un compromiso de tipo man-in-the-middle de las comunicaciones entre los productos CipherMail y clientes SMTP externos CipherMail Community Virtual Appliance version 4.6.2 suffers from remote command execution and file injection vulnerabilities. • https://packetstormsecurity.com/files/158001/CipherMail-Community-Virtual-Appliance-4.6.2-Code-Execution.html https://www.ciphermail.com/blog/ciphermail-cve-2020-12713_2020-12714.html https://www.ciphermail.com/gateway.html https://www.ciphermail.com/news.html https://www.ciphermail.com/secure-webmail.html https://www.coresecurity.com/core-labs/advisories/ciphermail-multiple-vulnerabilities • CWE-326: Inadequate Encryption Strength •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software. Se detectó un problema en Aviatrix Controller versiones anteriores a 5.4.1204. Contiene credenciales no utilizadas por el software. • https://docs.aviatrix.com/HowTos/security_bulletin_article.html#clean-up-old-code https://www.criticalstart.com/multiple-vulnerabilities-discovered-in-aviatrix • CWE-798: Use of Hard-coded Credentials •

CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1

An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters. Se detectó un problema de Elevación de Privilegios en Aviatrix VPN Client versiones anteriores a 2.10.7, debido a una corrección incompleta para CVE-2020-7224. Esto afecta las instalaciones de Linux, macOS y Windows para determinados parámetros OpenSSL. • https://docs.aviatrix.com/HowTos/security_bulletin_article.html#openvpn-client-elevation-of-privilege https://www.criticalstart.com/multiple-vulnerabilities-discovered-in-aviatrix •