Vulnerabilities (CVE)

Filtered by vendor Corero Subscribe
Filtered by product Securewatch Managed Services
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38137 1 Corero 1 Securewatch Managed Services 2024-11-21 5.5 MEDIUM 8.1 HIGH
Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns-monitor user’s privileges, allowing a user to perform actions not belonging to his role.
CVE-2021-38136 1 Corero 1 Securewatch Managed Services 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the snap_file parameter in the /it-IT/splunkd/__raw/services/get_snapshot HTTP API endpoint. A ‘low privileged’ attacker can read any file on the target host.