Vulnerabilities (CVE)

Filtered by vendor Teradata Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-6499 1 Teradata 1 Viewpoint 2024-11-21 9.3 HIGH 8.1 HIGH
Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected system.
CVE-2016-7490 1 Teradata 1 Studio Express 2024-11-21 7.2 HIGH 7.8 HIGH
The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates files in /tmp insecurely. A malicious local user could create a symlink in /tmp and possibly clobber system files or perhaps elevate privileges.
CVE-2016-7489 1 Teradata 1 Virtual Machine 2024-11-21 10.0 HIGH 9.8 CRITICAL
Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution.
CVE-2016-7488 1 Teradata 1 Virtual Machine 2024-11-21 7.2 HIGH 7.8 HIGH
Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr. These could allow a local user to modify its contents and execute commands as root.
CVE-2015-5401 1 Teradata 2 Teradata Express, Teradata Gateway 2024-11-21 5.0 MEDIUM 7.5 HIGH
Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message.