Page 5 of 24 results (0.009 seconds)

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0

GateManager versions prior to 9.2c, The affected product uses a weak hash type, which may allow an attacker to view user passwords. GateManager versiones anteriores a 9.2c, el producto afectado usa un tipo de hash débil, que puede permitir a un atacante visualizar las contraseñas de los usuarios • https://us-cert.cisa.gov/ics/advisories/icsa-20-210-01 • CWE-916: Use of Password Hash With Insufficient Computational Effort •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as root. GateManager versiones anteriores a 9.2c, el producto afectado contiene una credencial embebida para telnet, lo que permite a un atacante no privilegiado ejecutar comandos como root • https://us-cert.cisa.gov/ics/advisories/icsa-20-210-01 • CWE-193: Off-by-one Error CWE-798: Use of Hard-coded Credentials •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

GateManager versions prior to 9.2c, The affected product is vulnerable to an off-by-one error, which may allow an attacker to remotely execute arbitrary code or cause a denial-of-service condition. GateManager versiones anteriores a 9.2c, el producto afectado es vulnerable a un error por un paso, que puede permitir a un atacante ejecutar remotamente código arbitrario o causar una condición de denegación de servicio • https://us-cert.cisa.gov/ics/advisories/icsa-20-210-01 • CWE-193: Off-by-one Error •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Secomea GateManager all versions prior to 9.2c, An attacker can send a negative value and overwrite arbitrary data. Secomea GateManager todas las versiones anteriores a 9.2c, un atacante puede enviar un valor negativo y sobrescribir datos arbitrarios • https://us-cert.cisa.gov/ics/advisories/icsa-20-210-01 • CWE-158: Improper Neutralization of Null Byte or NUL Character CWE-476: NULL Pointer Dereference •