Filtered by vendor Automox
Subscribe
Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-36122 | 2 Automox, Microsoft | 2 Automox, Windows | 2024-11-21 | N/A | 7.8 HIGH |
The Automox Agent before 40 on Windows incorrectly sets permissions on key files. | |||||
CVE-2022-27904 | 2 Apple, Automox | 2 Macos, Automox | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process. | |||||
CVE-2022-24308 | 4 Apple, Automox, Linux and 1 more | 4 Macos, Automox, Linux Kernel and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process. | |||||
CVE-2021-43326 | 2 Automox, Microsoft | 2 Automox, Windows | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory. | |||||
CVE-2021-43325 | 2 Automox, Microsoft | 2 Automox, Windows | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. NOTE: this issue exists because of a CVE-2021-43326 regression. | |||||
CVE-2021-26909 | 1 Automox | 1 Automox | 2024-11-21 | 5.0 MEDIUM | 3.7 LOW |
Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing sensitive files, which could be brute-forced by an attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent. | |||||
CVE-2021-26908 | 1 Automox | 1 Automox | 2024-11-21 | 2.1 LOW | 3.3 LOW |
Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent. |