Filtered by vendor Teradata
Subscribe
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-6499 | 1 Teradata | 1 Viewpoint | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected system. | |||||
CVE-2016-7490 | 1 Teradata | 1 Studio Express | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates files in /tmp insecurely. A malicious local user could create a symlink in /tmp and possibly clobber system files or perhaps elevate privileges. | |||||
CVE-2016-7489 | 1 Teradata | 1 Virtual Machine | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution. | |||||
CVE-2016-7488 | 1 Teradata | 1 Virtual Machine | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr. These could allow a local user to modify its contents and execute commands as root. | |||||
CVE-2015-5401 | 1 Teradata | 2 Teradata Express, Teradata Gateway | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message. |