CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-37382
https://notcve.org/view.php?id=CVE-2024-37382
08 Aug 2024 — An issue discovered in import host feature in Ab Initio Metadata Hub and Authorization Gateway before 4.3.1.1 allows attackers to run arbitrary code via crafted modification of server configuration. • https://www.abinitio.com/en/security-advisories/ab-2024-003 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-33408
https://notcve.org/view.php?id=CVE-2021-33408
27 May 2021 — Local File Inclusion vulnerability in Ab Initio Control>Center before 4.0.2.6 allows remote attackers to retrieve arbitrary files. Fixed in v4.0.2.6 and v4.0.3.1. Una vulnerabilidad de inclusión de Archivos Locales en Ab Initio Control ) Center versiones anteriores a 4.0.2.6, permite a atacantes remotos recuperar archivos arbitrarios. Corregido en versiones v4.0.2.6 y v4.0.3.1 • https://www.abinitio.com/en/security-advisories/ab-2021-001 • CWE-319: Cleartext Transmission of Sensitive Information •