CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43058
https://notcve.org/view.php?id=CVE-2021-43058
01 Nov 2021 — An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site. Se presenta una vulnerabilidad de redireccionamiento abierto en Replicated Classic versiones anteriores a 2.53.1, que podría conllevar a una suplantación de identidad. Para explotar esta vulnerabilidad, un atacante podrí... • https://www.replicated.com/security/advisories/CVE-2021-43058 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-10590
https://notcve.org/view.php?id=CVE-2020-10590
28 Jul 2021 — Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console. Replicated Classic versiones 2.x, presentan una API asegurada inapropiadamente que expone datos confidenciales de la configuración de la Consola de Administración Replicada. Un atacante con a... • https://blog.replicated.com •