Daily Vulnerability Trends: Fri Aug 25 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-36874Windows Error Reporting Service Elevation of Privilege VulnerabilityCVE-2023-32315Openfire is an XMPP server...
Vulnerabilities
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator server-side request forgery | CVE-2023-37440
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator server-side request forgeryPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect...
Netgear NMS300 command execution |
NAME__________Netgear NMS300 command executionPlatforms Affected:NETGEAR NMS300Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Netgear NMS300 could allow a remote attacker to execute arbitrary commands on...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37429
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37434
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37436
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
FileMage Gateway Windows Deployments directory traversal | CVE-2023-39026
NAME__________FileMage Gateway Windows Deployments directory traversalPlatforms Affected:FileMage Gateway Windows Deployments 1.10.8Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________FileMage Gateway Windows Deployments could allow a...
Pandora FMS server-side request forgery | CVE-2023-24515
NAME__________Pandora FMS server-side request forgeryPlatforms Affected:Artica Pandora FMS 767Risk Level:5.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Pandora FMS is vulnerable to server-side request forgery, caused...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37433
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37432
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
Pandora FMS file upload | CVE-2023-24517
NAME__________Pandora FMS file uploadPlatforms Affected:Artica Pandora FMS 767Risk Level:6.4Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Pandora FMS could allow a remote authenticated attacker to upload...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37431
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37438
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37437
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37430
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator weak security | CVE-2023-37426
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator weak securityPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
Pandora FMS cross-site scripting | CVE-2023-24514
NAME__________Pandora FMS cross-site scriptingPlatforms Affected:Artica Pandora FMS 767Risk Level:6.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Pandora FMS is vulnerable to cross-site scripting, caused by improper...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator command execution | CVE-2023-37428
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator command executionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injection | CVE-2023-37435
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator SQL injectionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator command execution | CVE-2023-37427
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator command executionPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
HPE Aruba Networking EdgeConnect SD-WAN Orchestrator cross-site scripting | CVE-2023-37439
NAME__________HPE Aruba Networking EdgeConnect SD-WAN Orchestrator cross-site scriptingPlatforms Affected:HPE Aruba Networking EdgeConnect SD-WAN Orchestrator 9.0 HPE Aruba Networking EdgeConnect SD-WAN...
Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS 6300 Series Fabric Interconnects denial of service | CVE-2023-20200
NAME__________Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS 6300 Series Fabric Interconnects denial of servicePlatforms Affected:Cisco UCS 6300...
Cisco FXOS Software security bypass | CVE-2023-20234
NAME__________Cisco FXOS Software security bypassPlatforms Affected:Cisco Firepower 9300 Series Security Appliances Cisco FXOS Software Cisco Firepower 4100 Series Cisco Firepower...
Forum Access module for Drupal code execution |
NAME__________Forum Access module for Drupal code executionPlatforms Affected:Drupal Forum Access module for Drupal 7.x-1.5Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Forum Access module for...
