Vulnerabilities (CVE)

Filtered by vendor Replicated Subscribe
Filtered by product Replicated Classic
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-43058 1 Replicated 1 Replicated Classic 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site.
CVE-2020-10590 1 Replicated 1 Replicated Classic 2024-11-21 5.0 MEDIUM 7.5 HIGH
Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console.