CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 3CVE-2020-12714 – CipherMail Community Virtual Appliance 4.6.2 Code Execution
https://notcve.org/view.php?id=CVE-2020-12714
09 Jun 2020 — An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger Virtual Appliances 1.1.1 through 3.1.1-0. A Diffie-Hellman parameter of insufficient size could allow man-in-the-middle compromise of communications between CipherMail products and external SMTP clients. Se detectó un problema en CipherMail Community Gateway Virtual Appliances y Professional/Enterprise Gateway Virtua... • https://packetstorm.news/files/id/158001 • CWE-326: Inadequate Encryption Strength •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-13414
https://notcve.org/view.php?id=CVE-2020-13414
22 May 2020 — An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software. Se detectó un problema en Aviatrix Controller versiones anteriores a 5.4.1204. Contiene credenciales no utilizadas por el software. • https://docs.aviatrix.com/HowTos/security_bulletin_article.html#clean-up-old-code • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 1CVE-2020-13417
https://notcve.org/view.php?id=CVE-2020-13417
22 May 2020 — An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters. Se detectó un problema de Elevación de Privilegios en Aviatrix VPN Client versiones anteriores a 2.10.7, debido a una corrección incompleta para CVE-2020-7224. Esto afecta las instalaciones de Linux, macOS y Windows para determinados parámetros OpenSSL. • https://docs.aviatrix.com/HowTos/security_bulletin_article.html#openvpn-client-elevation-of-privilege •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-11543
https://notcve.org/view.php?id=CVE-2020-11543
07 Apr 2020 — OpsRamp Gateway before 7.0.0 has a backdoor account vadmin with the password 9vt@f3Vt that allows root SSH access to the server. This issue has been resolved in OpsRamp Gateway firmware version 7.0.0 where an administrator and a system user accounts are the only available user accounts for the gateway appliance. OpsRamp Gateway anterior a la versión 7.0.0 tiene una cuenta de puerta trasera vadmin con la contraseña 9vt@f3Vt que permite el acceso SSH raíz al servidor. Este problema ha sido resuelto en la vers... • https://docs.opsramp.com/about/release-notes/summer-2020-update/#simplified-gateway-appliance-accounts • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2019-9009
https://notcve.org/view.php?id=CVE-2019-9009
17 Sep 2019 — An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash. Se descubrió un problema en 3S-Smart CODESYS versiones anteriores a 3.5.15.0. Unos paquetes de red diseñados causan que el Control Runtime se bloquee. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download= • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2019-9012
https://notcve.org/view.php?id=CVE-2019-9012
15 Aug 2019 — An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for... • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12938&token=b9eb30f53246dc57b2e7cb302356a05547148fa2&download= • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2019-9010
https://notcve.org/view.php?id=CVE-2019-9010
15 Aug 2019 — An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODE... • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12937&token=769045a17015bea00ec7ff313de8f1a5c73e7b93&download= •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2018-20025
https://notcve.org/view.php?id=CVE-2018-20025
19 Feb 2019 — Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0. Existen valores aleatorios utilizados de manera insuficiente en los productos de CODESYS, en sus versiones V3 anteriores a la V3.5.14.0. • http://www.securityfocus.com/bid/106251 • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2018-20026
https://notcve.org/view.php?id=CVE-2018-20026
19 Feb 2019 — Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0. Existe el filtrado de direcciones de comunicación incorrecto en los productos de CODESYS, en sus versiones V3 anteriores a la V3.5.14.0. • http://www.securityfocus.com/bid/106251 •