CVSS: 9.8EPSS: 80%CPEs: 3EXPL: 2CVE-2021-45967
https://notcve.org/view.php?id=CVE-2021-45967
18 Mar 2022 — An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NGINX and a backend Tomcat server leads to a path traversal in the Tomcat server, exposing unintended endpoints. Se ha detectado un problema en Pascom Cloud Phone System versiones anteriores a 7.20.x. Un error de configuración entre NGINX y un servidor Tomcat backend conlleva a un salto de ruta en el servidor Tomcat, exponiendo endpoints no deseados • https://kerbit.io/research/read/blog/4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 93%CPEs: 1EXPL: 0CVE-2019-18394
https://notcve.org/view.php?id=CVE-2019-18394
24 Oct 2019 — A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests. Una vulnerabilidad de tipo Server Side Request Forgery (SSRF) en el archivo FaviconServlet.java en Ignite Realtime Openfire versiones hasta 4.4.2, permite a atacantes enviar peticiones HTTP GET arbitrarias. • https://github.com/igniterealtime/Openfire/pull/1497 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.3EPSS: 83%CPEs: 1EXPL: 0CVE-2019-18393
https://notcve.org/view.php?id=CVE-2019-18393
24 Oct 2019 — PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability. El archivo PluginServlet.java en Ignite Realtime Openfire versiones hasta 4.4.2, no garantiza que los archivos recuperados se encuentren en el directorio de inicio de Openfire, también se conoce como una vulnerabilidad de salto de directorio. • https://github.com/igniterealtime/Openfire/pull/1498 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15488
https://notcve.org/view.php?id=CVE-2019-15488
23 Aug 2019 — Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP setup test. Ignite Realtime Openfire anterior de la versión 4.4.1 ha reflejado XSS a través de una prueba de configuración LDAP. • https://github.com/igniterealtime/Openfire/compare/cd0a573...5e5d9e5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15911
https://notcve.org/view.php?id=CVE-2017-15911
26 Oct 2017 — The Admin Console in Ignite Realtime Openfire Server before 4.1.7 allows arbitrary client-side JavaScript code execution on victims who click a crafted setup/setup-host-settings.jsp?domain= link, aka XSS. Session ID and data theft may follow as well as the possibility of bypassing CSRF protections, injection of iframes to establish communication channels, etc. The vulnerability is present after login into the application. La consola de administrador en Ignite Realtime Openfire Server en versiones anteriores... • https://becomepentester.blogspot.ae/2017/10/Cross-Site-Scripting-Openfire-4.1.6-CVE-2017-15911.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-3451 – OpenFire XMPP 3.9.3 Certificate Handling
https://notcve.org/view.php?id=CVE-2014-3451
24 Apr 2015 — OpenFire XMPP Server before 3.10 accepts self-signed certificates, which allows remote attackers to perform unspecified spoofing attacks. OpenFire XMPP Server en versiones anteriores a la 3.10 acepta certificados autofirmados, lo que permite que atacantes remotos realicen ataques de spoofing sin especificar. OpenFire XMPP versions 3.9.3 and below incorrectly accepts self-signed certificates potentially allowing for spoofing attacks. • http://packetstormsecurity.com/files/131614/OpenFire-XMPP-3.9.3-Certificate-Handling.html • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0CVE-2014-2741 – Gentoo Linux Security Advisory 201406-35
https://notcve.org/view.php?id=CVE-2014-2741
11 Apr 2014 — nio/XMLLightweightParser.java in Ignite Realtime Openfire before 3.9.2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack. El archivo nio/XMLLightweightParser.java en Ignite Realtime Openfire anterior a versión 3.9.2, no restringe apropiadamente el procesamiento de elementos XML comprimidos, lo que permite a los atacantes remotos causar una denegación de se... • http://community.igniterealtime.org/thread/52317 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.1EPSS: 7%CPEs: 29EXPL: 4CVE-2009-1595 – Openfire 3.x - jabber:iq:auth 'passwd_change' Remote Password Change
https://notcve.org/view.php?id=CVE-2009-1595
11 May 2009 — The jabber:iq:auth implementation in IQAuthHandler.java in Ignite Realtime Openfire before 3.6.4 allows remote authenticated users to change the passwords of arbitrary accounts via a modified username element in a passwd_change action. La implementación jabber:iq:auth en IQAuthHandler.java de Ignite Realtime Openfire v3.6.5 permite a usuarios remotos autenticados cambiar las contraseñas de cuentas de usuario de su elección a través de un elemento "username" (nombre de usuario) modificado en la acción passwd... • https://www.exploit-db.com/exploits/32967 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2009-1596 – Gentoo Linux Security Advisory 201406-35
https://notcve.org/view.php?id=CVE-2009-1596
11 May 2009 — Ignite Realtime Openfire before 3.6.5 does not properly implement the register.password (aka canChangePassword) console configuration setting, which allows remote authenticated users to bypass intended policy and change their own passwords via a passwd_change IQ packet. Ignite Realtime Openfire antes de v3.6.5 no implementa correctamente la propiedad de configuración de la consola register.password (alias canChangePassword), lo que permite eludir la política de seguridad a usuarios remotos autenticados, así... • http://secunia.com/advisories/34984 • CWE-287: Improper Authentication •
CVSS: 9.1EPSS: 75%CPEs: 25EXPL: 5CVE-2008-6508 – Openfire Server 3.6.0a - Admin Console Authentication Bypass
https://notcve.org/view.php?id=CVE-2008-6508
23 Mar 2009 — Directory traversal vulnerability in the AuthCheck filter in the Admin Console in Openfire 3.6.0a and earlier allows remote attackers to bypass authentication and access the admin interface via a .. (dot dot) in a URI that matches the Exclude-Strings list, as demonstrated by a /setup/setup-/.. sequence in a URI. Una vulnerabilidad de salto de directorio en el filtro AuthCheck de la Consola de administración de Openfire 3.6.0a y anteriores permite a atacantes remotos eludir el proceso de autenticación y acce... • https://www.exploit-db.com/exploits/19432 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •