Total
1024 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-30116 | 1 Kaseya | 2 Vsa Agent, Vsa Server | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downloaded. The default URL for this page is https://x.x.x.x/dl.asp When an attacker download a client for Windows and installs it, the file KaseyaD.ini is generated (C:\Program Files (x86)\Kaseya\XXXXXXXXXX\KaseyaD.ini) which contains an Agent_Guid and AgentPassword This Agent_Guid and AgentPassword can be used to log in on dl.asp (https://x.x.x.x/dl.asp?un=840997037507813&pw=113cc622839a4077a84837485ced6b93e440bf66d44057713cb2f95e503a06d9) This request authenticates the client and returns a sessionId cookie that can be used in subsequent attacks to bypass authentication. Security issues discovered --- * Unauthenticated download page leaks credentials * Credentials of agent software can be used to obtain a sessionId (cookie) that can be used for services not intended for use by agents * dl.asp accepts credentials via a GET request * Access to KaseyaD.ini gives an attacker access to sufficient information to penetrate the Kaseya installation and its clients. Impact --- Via the page /dl.asp enough information can be obtained to give an attacker a sessionId that can be used to execute further (semi-authenticated) attacks against the system. | |||||
CVE-2021-29811 | 1 Ibm | 1 Tivoli Netcool\/omnibus Webgui | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials in plain clear text which can be read by an authenticated admin user. IBM X-Force ID: 204329. | |||||
CVE-2021-29262 | 1 Apache | 1 Solr | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only user is configured then Solr would not treat that node as a sensitive path and would allow it to be readable. Additionally, with any ZkACLProvider, if the security.json is already present, Solr will not automatically update the ACLs. | |||||
CVE-2021-29255 | 1 Microseven | 2 Mym71080i-b, Mym71080i-b Firmware | 2024-11-21 | 2.9 LOW | 7.5 HIGH |
MicroSeven MYM71080i-B 2.0.5 through 2.0.20 devices send admin credentials in cleartext to pnp.microseven.com TCP port 7007. An attacker on the same network as the device can capture these credentials. | |||||
CVE-2021-29253 | 1 Rsa | 1 Archer | 2024-11-21 | 2.1 LOW | 5.1 MEDIUM |
The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) through 6.9 P2 (6.9.0.2) is affected by an insecure credential storage vulnerability. An malicious attacker with access to the Tableau workbook file may obtain access to credential information to use it in further attacks. | |||||
CVE-2021-29043 | 1 Liferay | 2 Dxp, Liferay Portal | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
The Portal Store module in Liferay Portal 7.0.0 through 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 does not obfuscate the S3 store's proxy password, which allows attackers to steal the proxy password via man-in-the-middle attacks or shoulder surfing. | |||||
CVE-2021-28857 | 1 Tp-link | 2 Tl-wpa4220, Tl-wpa4220 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie. | |||||
CVE-2021-28499 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 2.1 LOW | 6.3 MEDIUM |
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post releases in the MOS-0.1x train All releases in the MOS-0.2x train MOS-0.31.1 and prior releases in the MOS-0.3x train | |||||
CVE-2021-28498 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 7.2 HIGH | 8.7 HIGH |
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user enable passwords set in clear text could result in unprivileged users getting complete access to the systems. This issue affects: Arista Metamako Operating System MOS-0.13 and post releases in the MOS-0.1x train MOS-0.26.6 and prior releases in the MOS-0.2x train MOS-0.31.1 and prior releases in the MOS-0.3x train | |||||
CVE-2021-28496 | 1 Arista | 1 Eos | 2024-11-21 | 4.0 MEDIUM | 5.7 MEDIUM |
On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection (BFD) will be leaked when displaying output over eAPI or other JSON outputs to other authenticated users on the device. The affected EOS Versions are: all releases in 4.22.x train, 4.23.9 and below releases in the 4.23.x train, 4.24.7 and below releases in the 4.24.x train, 4.25.4 and below releases in the 4.25.x train, 4.26.1 and below releases in the 4.26.x train | |||||
CVE-2021-27941 | 1 Coolkit | 1 Ewelink | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during a device pairing process. | |||||
CVE-2021-27935 | 1 Adguard | 1 Adguard Home | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie. | |||||
CVE-2021-27785 | 1 Hcltechsw | 1 Hcl Commerce | 2024-11-21 | N/A | 3.9 LOW |
HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website. | |||||
CVE-2021-27495 | 1 Ypsomed | 2 Mylife, Mylife Cloud | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,he Ypsomed mylife Cloud reflects the user password during the login process after redirecting the user from a HTTPS endpoint to a HTTP endpoint. | |||||
CVE-2021-27491 | 1 Ypsomed | 2 Mylife, Mylife Cloud | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,The Ypsomed mylife Cloud discloses password hashes during the registration process. | |||||
CVE-2021-27372 | 1 Realtek | 2 Xpon Rtl9601d, Xpon Rtl9601d Software Development Kit | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands. | |||||
CVE-2021-27187 | 1 Xn--b1agzlht | 1 Fx Aggregator Terminal Client | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 stores authentication credentials in cleartext in login.sav when the Save Password box is checked. | |||||
CVE-2021-25284 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2024-11-21 | 1.9 LOW | 4.4 MEDIUM |
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level. | |||||
CVE-2021-23222 | 1 Postgresql | 1 Postgresql | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. | |||||
CVE-2021-23207 | 1 Fresenius-kabi | 7 Agilia Connect, Agilia Partner Maintenance Software, Link\+ Agilia and 4 more | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
An attacker with physical access to the host can extract the secrets from the registry and create valid JWT tokens for the Fresenius Kabi Vigilant MasterMed version 2.0.1.3 application and impersonate arbitrary users. An attacker could manipulate RabbitMQ queues and messages by impersonating users. |