NotCVE - vendor:"N-able" product:"N-central"

4 results (0.001 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-28200 – N-central Authentication Bypass

https://notcve.org/view.php?id=CVE-2024-28200

01 Jul 2024 — The N-central server is vulnerable to an authentication bypass of the user interface. This vulnerability is present in all deployments of N-central prior to 2024.2. This vulnerability was discovered through internal N-central source code review and N-able has not observed any exploitation in the wild. El servidor N-central es vulnerable a una omisión de autenticación de la interfaz de usuario. Esta vulnerabilidad está presente en todas las implementaciones de N-central anteriores a 2024.2. • https://documentation.n-able.com/N-central/Release_Notes/GA/Content/2024.2%20Release%20Notes.htm • CWE-288: Authentication Bypass Using an Alternate Path or Channel •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-5322 – N-central Authentication Bypass via Session Rebinding

https://notcve.org/view.php?id=CVE-2024-5322

01 Jul 2024 — The N-central server is vulnerable to session rebinding of already authenticated users when using Entra SSO, which can lead to authentication bypass. This vulnerability is present in all Entra-supported deployments of N-central prior to 2024.3. El servidor N-central es vulnerable a la nueva vinculación de sesiones de usuarios ya autenticados cuando se utiliza Entra SSO, lo que puede provocar una omisión de autenticación. Esta vulnerabilidad está presente en todas las implementaciones de N-central compatible... • https://documentation.n-able.com/N-central/Release_Notes/GA/Content/2024.3%20Release%20Notes.htm • CWE-288: Authentication Bypass Using an Alternate Path or Channel •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-47132

https://notcve.org/view.php?id=CVE-2023-47132

08 Feb 2024 — An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain escalated privileges via API calls. Un problema descubierto en N-able N-central antes de 2023.6 y anteriores permite a los atacantes obtener privilegios elevados a través de llamadas API. • https://me.n-able.com/s/security-advisory/aArHs000000M8CHKA0/cve202347132-ncentral-api-privilege-escalation • CWE-269: Improper Privilege Management •

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-30297

https://notcve.org/view.php?id=CVE-2023-30297

03 Aug 2023 — An issue found in N-able Technologies N-central Server before 2023.4 allows a local attacker to execute arbitrary code via the monitoring function of the server. Un problema encontrado en N-central Server de N-able Technologies para versiones anteriores a 2023.4 permite a un atacante local ejecutar código arbitrario a través de la función de monitorización del servidor. • https://status.n-able.com/2023/07/27/cve-2023-30297-release-note •