CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1699 – Rapid7 Nexpose Forced Browsing
https://notcve.org/view.php?id=CVE-2023-1699
30 Mar 2023 — Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability. This vulnerability allows an attacker to manipulate URLs to forcefully browse to and access administrative pages. This vulnerability is fixed in version 6.6.187. • https://docs.rapid7.com/release-notes/nexpose/20230329 • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3913 – Rapid7 Nexpose Certificate Validation Issue
https://notcve.org/view.php?id=CVE-2022-3913
01 Feb 2023 — Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of the update server when downloading updates. This failure could allow an attacker in a privileged position on the network to provide their own HTTPS endpoint, or intercept communications to the legitimate endpoint. The attacker would need some pre-existing access to at least one node on the network path between the Rapid7-controlled update server and the Nexpose/InsightVM application, and the ability to either sp... • https://docs.rapid7.com/release-notes/nexpose/20230201 • CWE-295: Improper Certificate Validation •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-4261 – Rapid7 Nexpose Update Validation Issue
https://notcve.org/view.php?id=CVE-2022-4261
07 Dec 2022 — Rapid7 Nexpose and InsightVM versions prior to 6.6.172 failed to reliably validate the authenticity of update contents. This failure could allow an attacker to provide a malicious update and alter the functionality of Rapid7 Nexpose. The attacker would need some pre-existing mechanism to provide a malicious update, either through a social engineering effort, privileged access to replace downloaded updates in transit, or by performing an Attacker-in-the-Middle attack on the update service itself. Las version... • https://docs.rapid7.com/release-notes/insightvm/20221207 • CWE-494: Download of Code Without Integrity Check •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0758 – Rapid7 Nexpose Reflected XSS
https://notcve.org/view.php?id=CVE-2022-0758
17 Mar 2022 — Rapid7 Nexpose versions 6.6.129 and earlier suffer from a reflected cross site scripting vulnerability, within the shared scan configuration component of the tool. With this vulnerability an attacker could pass literal values as the test credentials, providing the opportunity for a potential XSS attack. This issue is fixed in Rapid7 Nexpose version 6.6.130. Rapid7 Nexpose versiones 6.6.129 y anteriores, sufren una vulnerabilidad de tipo cross site scripting reflejada, dentro del componente de configuración ... • https://docs.rapid7.com/release-notes/nexpose/20220309 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0757 – Rapid7 Nexpose SQL Injection
https://notcve.org/view.php?id=CVE-2022-0757
17 Mar 2022 — Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability, whereby valid search operators are not defined. This lack of validation can allow a logged-in, authenticated attacker to manipulate the "ANY" and "OR" operators in the SearchCriteria and inject SQL code. This issue was fixed in Rapid7 Nexpose version 6.6.129. Las versiones 6.6.93 y anteriores de Rapid7 Nexpose son susceptibles de una vulnerabilidad de inyección SQL, por la que no se definen operadores de búsqueda v... • https://docs.rapid7.com/release-notes/nexpose/20220302 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5640 – Rapid7 Nexpose Information Disclosure after logout
https://notcve.org/view.php?id=CVE-2019-5640
22 Nov 2021 — Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the inspect element browser feature to remove the login panel and view the details available in the last webpage visited by previous user Rapid7 Nexpose versiones anteriores a 6.6.114, sufren un problema de exposición de información por el que, cuando la sesión del usuario ha finalizado por inactividad, un atacante puede usar la funcionalidad in... • https://docs.rapid7.com/release-notes/nexpose/20211117 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-31868 – Rapid7 Nexpose Security Console Ticket Access Authentication Vulnerability
https://notcve.org/view.php?id=CVE-2021-31868
19 Aug 2021 — Rapid7 Nexpose version 6.6.95 and earlier allows authenticated users of the Security Console to view and edit any ticket in the legacy ticketing feature, regardless of the assignment of the ticket. This issue was resolved in version 6.6.96, released on August 4, 2021. Rapid7 Nexpose versiones 6.6.95 y anteriores, permiten a usuarios autenticados de la Consola de Seguridad visualizar y editar cualquier ticket en la funcionalidad legacy ticketing, independientemente de la asignación del ticket. Este problema ... • https://docs.rapid7.com/release-notes/nexpose/20210804 • CWE-306: Missing Authentication for Critical Function •