Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-38137 | 1 Corero | 1 Securewatch Managed Services | 2024-02-28 | 5.5 MEDIUM | 8.1 HIGH |
Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns-monitor user’s privileges, allowing a user to perform actions not belonging to his role. | |||||
CVE-2021-38136 | 1 Corero | 1 Securewatch Managed Services | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the snap_file parameter in the /it-IT/splunkd/__raw/services/get_snapshot HTTP API endpoint. A ‘low privileged’ attacker can read any file on the target host. |