CVSS: 9.8EPSS: 90%CPEs: 1EXPL: 3CVE-2020-35846 – Cockpit CMS 0.11.1 NoSQL Injection / Remote Command Execution
https://notcve.org/view.php?id=CVE-2020-35846
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. Agentejo Cockpit versiones anteriores a 0.11.2, permite una inyección NoSQL por medio de la función check del archivo Controller/Auth.php. • https://github.com/JohnHammond/CVE-2020-35846 https://github.com/0z09e/CVE-2020-35846 http://packetstormsecurity.com/files/162282/Cockpit-CMS-0.11.1-NoSQL-Injection-Remote-Command-Execution.html https://getcockpit.com https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466 https://github.com/agentejo/cockpit/commit/33e7199575631ba1f74cba6b16b10c820bec59af https://github.com/agentejo/cockpit/commit/79fc9631ffa29146e3124ceaf99879b92e1ef24b • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 83%CPEs: 1EXPL: 2CVE-2020-35848 – Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
https://notcve.org/view.php?id=CVE-2020-35848
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php newpassword function. Agentejo Cockpit versiones anteriores a 0.11.2, permite una inyección NoSQL por medio de la función newpassword del archivo Controller/Auth.php. • https://www.exploit-db.com/exploits/50185 http://packetstormsecurity.com/files/163762/Cockpit-CMS-0.11.1-NoSQL-Injection.html https://getcockpit.com https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466 https://github.com/agentejo/cockpit/commit/33e7199575631ba1f74cba6b16b10c820bec59af https://github.com/agentejo/cockpit/commit/79fc9631ffa29146e3124ceaf99879b92e1ef24b • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 81%CPEs: 1EXPL: 3CVE-2020-35847 – Cockpit CMS 0.11.1 - 'Username Enumeration & Password Reset' NoSQL Injection
https://notcve.org/view.php?id=CVE-2020-35847
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function. Agentejo Cockpit versiones anteriores a 0.11.2, permite una inyección NoSQL por medio de la función resetpassword del archivo Controller/Auth.php. • https://www.exploit-db.com/exploits/50185 http://packetstormsecurity.com/files/162282/Cockpit-CMS-0.11.1-NoSQL-Injection-Remote-Command-Execution.html http://packetstormsecurity.com/files/163762/Cockpit-CMS-0.11.1-NoSQL-Injection.html https://getcockpit.com https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466 https://github.com/agentejo/cockpit/commit/33e7199575631ba1f74cba6b16b10c820bec59af https://github.com/agentejo/cockpit/commit/79fc9631ffa29146e3124ceaf99879b92e1ef24b • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-14408
https://notcve.org/view.php?id=CVE-2020-14408
An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector. Se detectó un problema en Agentejo Cockpit versión 0.10.2. El saneamiento insuficiente del parámetro to en la ruta /auth/login permite una inyección de código arbitrario de JavaScript en el contenido de una página web, creando un vector de ataque de tipo XSS Reflejado • https://github.com/agentejo/cockpit/issues/1310 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-3804 – cockpit: Crash when parsing invalid base64 headers
https://notcve.org/view.php?id=CVE-2019-3804
It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash. Se ha detectado que cockpit, en versiones anteriores a la 184, empleaba incorrectamente la funcionalidad de descodificación de base64 de glib, lo que resultaba en un ataque de denegación de servicio (DoS). Un atacante no autenticado podría enviar una petición especialmente manipulada con una cookie no válida codificada en base64, lo que podría provocar el cierre inesperado del servicio web. It was found that cockpit used glib's base64 decode functionality incorrectly resulting in a denial of service attack. • https://access.redhat.com/errata/RHSA-2019:1569 https://access.redhat.com/errata/RHSA-2019:1571 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3804 https://github.com/cockpit-project/cockpit/commit/c51f6177576d7e12 https://github.com/cockpit-project/cockpit/pull/10819 https://access.redhat.com/security/cve/CVE-2019-3804 https://bugzilla.redhat.com/show_bug.cgi?id=1663567 • CWE-909: Missing Initialization of Resource •