
CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability. This vulnerability allows an attacker to manipulate URLs to forcefully browse to and access administrative pages. This vulnerability is fixed in version 6.6.187. • https://docs.rapid7.com/release-notes/nexpose/20230329 • CWE-425: Direct Request ('Forced Browsing')

CVSS: 6.5 • EPSS: 0% • CPEs: 2 • EXPL: 1

Rapid7 Nexpose and InsightVM versions prior to 6.6.172 failed to reliably validate the authenticity of update contents. This failure could allow an attacker to provide a malicious update and alter the functionality of Rapid7 Nexpose. The attacker would need some pre-existing mechanism to provide a malicious update, either through a social engineering effort, privileged access to replace downloaded updates in transit, or by performing an Attacker-in-the-Middle attack on the update service itself. • https://docs.rapid7.com/release-notes/insightvm/20221207 • https://docs.rapid7.com/release-notes/nexpose/20221207 • https://www.rapid7.com/blog/post/2022/12/7/cve-2022-4261-rapid7-nexpose-update-validation-issue-fixed • CWE-494: Download of Code Without Integrity Check

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

Rapid7 Nexpose versions 6.6.129 and earlier suffer from a reflected cross-site scripting vulnerability within the shared scan configuration component of the tool. With this vulnerability an attacker could pass literal values as the test credentials, providing the opportunity for a potential XSS attack. This issue is fixed in Rapid7 Nexpose version 6.6.130. • https://docs.rapid7.com/release-notes/nexpose/20220309 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 8.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability, whereby valid search operators are not defined. This lack of validation can allow a logged-in, authenticated attacker to manipulate the "ANY" and "OR" operators in the SearchCriteria and inject SQL code. This issue was fixed in Rapid7 Nexpose version 6.6.129. • https://docs.rapid7.com/release-notes/nexpose/20220302 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by the previous user. • https://docs.rapid7.com/release-notes/nexpose/20211117 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor