** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), XSS occurs in /archibus/dwr/call/plaincall/ because the data received as input from clients is re-included within the HTTP response returned by the application without adequate validation. In this way, if HTML code or client-side executable code (e.g., JavaScript) is entered as input, the expected execution flow could be altered. This is fixed in all recent versions, such as version 26. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Version 21.3 was officially de-supported by the end of 2020.

Code Injection in GitHub repository jgraph/drawio prior to 19.0.2.

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through misuse passwords. Access to privileged operations on the maintenance port TELNET interface (23/TCP) on M-series and SIS (CSLS/LSNB/LSNG) nodes is controlled by means of utility passwords. These passwords are generated using a deterministic, insecure algorithm using a single seed value composed of a day/hour/minute timestamp with less than 16 bits of entropy. The seed value is fed through a lookup table and a series of permutation operations resulting in three different four-character passwords corresponding to different privilege levels. An attacker can easily reconstruct these passwords and thus gain access to privileged maintenance operations. NOTE: this is different from CVE-2014-2350.

The Emerson DeltaV Distributed Control System (DCS) has hardcoded credentials. WIOC SSH provides access to a shell as root, DeltaV, or backup via hardcoded credentials. TELNET on port 18550 provides access to a root shell via hardcoded credentials. FTP has hardcoded credentials (but may often be disabled in production). This affects S-series, P-series, and CIOC/EIOC nodes. NOTE: this is different from CVE-2014-2350.

The AFDudley/equanimity repository through on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
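Added example for the ARCHIBUS reflected-XSS entry above. This is illustrative code written for this page, not ARCHIBUS code and not the advisory's actual request: it builds a response that echoes a client-supplied value into three HTML contexts with no output encoding, beside the same response with encoding chosen per context. The parameter value, the page layout and the breaks_out check are constructed for the demonstration.

```python
import html
import json

# Constructed sample input: a request parameter value that the application
# reflects into its HTTP response (the pattern in the ARCHIBUS entry). This is
# a generic test string, not the advisory's actual request.
CLIENT_INPUT = '"><script>alert(1)</script>'


def render_vulnerable(value: str) -> str:
    """Echo client input into three HTML contexts with no output encoding.
    Each slot lets the input break out of its context."""
    return (
        f"<p>Result: {value}</p>\n"
        f'<input value="{value}">\n'
        f'<script>var last = "{value}";</script>'
    )


def js_string_literal(value: str) -> str:
    """Encode a value as a JavaScript string literal that is safe inside a
    <script> block: json.dumps escapes quotes, backslashes and control
    characters; the extra Unicode escapes keep '<', '>' and '&' out of the
    markup, so the HTML parser can never see a '</script>' terminator."""
    return (
        json.dumps(value)
        .replace("&", "\\u0026")
        .replace("<", "\\u003c")
        .replace(">", "\\u003e")
    )


def render_fixed(value: str) -> str:
    """Same page with encoding chosen per context: HTML entity encoding for
    text and attribute values (quote=True also escapes the quote characters),
    a JS string literal for the script slot."""
    text_safe = html.escape(value, quote=True)
    return (
        f"<p>Result: {text_safe}</p>\n"
        f'<input value="{text_safe}">\n'
        f"<script>var last = {js_string_literal(value)};</script>"
    )


def breaks_out(rendered: str) -> bool:
    """Check used by the demonstration: the page is supposed to contain
    exactly one <script> element; any additional one came from the input."""
    return rendered.lower().count("<script") > 1


if __name__ == "__main__":
    print(render_vulnerable(CLIENT_INPUT))
    print(render_fixed(CLIENT_INPUT))
```

The point of the three slots is that a single escaping routine is not enough: entity encoding protects the text and attribute contexts, but a value placed inside a script block needs a JavaScript string-literal encoding, and that encoding must also neutralise the characters the HTML parser would act on.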
The nlpweb/glance repository through on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

Booked Scheduler 2.5.5 allows authenticated users to create and schedule events for any other user via a modified userId value to reservation_save.php. NOTE: 2.5.5 is a version from 2014; the latest version of Booked Scheduler is not affected. However, LabArchives Scheduler (Feature Release) is affected.
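Added example for the two Flask send_file path-traversal entries above (AFDudley/equanimity and nlpweb/glance); it is not code from either repository. It shows the unsafe pattern, where a client-controlled path goes straight to open() as send_file(path) would, beside a root-confined resolver that behaves like Flask's send_from_directory: absolute paths are refused and the resolved path must remain under the configured root. The directory tree and file contents are constructed in a temporary directory for the demonstration.

```python
import os
import tempfile
from typing import Optional, Tuple


def resolve_under_root(root: str, requested: str) -> Optional[str]:
    """Return the real path of `requested` if it lies inside `root`, else None.

    Absolute paths are refused up front (that is what the unsafe send_file
    pattern lets through), then symlinks and '..' segments are resolved and
    the result is checked against the resolved root."""
    if not requested or os.path.isabs(requested):
        return None
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, requested))
    # commonpath, not startswith: '/srv/files2' must not pass for '/srv/files'
    if os.path.commonpath([root_real, candidate]) != root_real:
        return None
    return candidate


def serve_vulnerable(requested: str) -> bytes:
    """The unsafe pattern: the client-controlled path is opened as-is, which
    is what send_file(requested) does. An absolute path reads any file the
    process can read."""
    with open(requested, "rb") as f:
        return f.read()


def serve_fixed(root: str, requested: str) -> Optional[bytes]:
    """Root-confined variant, behaving like send_from_directory(root,
    requested): only regular files that resolve inside root are served."""
    path = resolve_under_root(root, requested)
    if path is None or not os.path.isfile(path):
        return None
    with open(path, "rb") as f:
        return f.read()


def build_demo_tree() -> Tuple[str, str]:
    """Constructed sample tree in a fresh temporary directory:
    <tmp>/public/hello.txt is the only file meant to be reachable and
    <tmp>/secret.txt sits one level above the served root."""
    base = tempfile.mkdtemp()
    root = os.path.join(base, "public")
    os.mkdir(root)
    with open(os.path.join(root, "hello.txt"), "wb") as f:
        f.write(b"hello")
    secret = os.path.join(base, "secret.txt")
    with open(secret, "wb") as f:
        f.write(b"top secret")
    return root, secret


if __name__ == "__main__":
    root, secret = build_demo_tree()
    print("vulnerable, absolute path:", serve_vulnerable(secret))
    print("fixed, absolute path:     ", serve_fixed(root, secret))
    print("fixed, dot-dot:           ", serve_fixed(root, "../secret.txt"))
    print("fixed, in-root file:      ", serve_fixed(root, "hello.txt"))
```

Checking the resolved path, rather than scanning the raw string for ".." or a leading slash, is what makes the check hold against symlinks inside the root and against encoded or normalised variants of the same escape.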
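Added example for the Booked Scheduler entry above, not code from Booked or LabArchives: a save handler that trusts a client-supplied userId beside one that derives the owner from the server-side session and lets only an administrator book on someone else's behalf. The Session and Reservation types, the in-memory store and the form dictionary are assumptions standing in for the application's own objects.

```python
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Session:
    """Server-side session (assumed shape): who is logged in, and whether
    they hold an administrative role."""
    user_id: int
    is_admin: bool = False


@dataclass
class Reservation:
    owner_id: int
    title: str


class ReservationStore:
    """Stand-in for the reservation table. Both save methods take the posted
    form as a plain dict, the way a PHP handler would see $_POST."""

    def __init__(self) -> None:
        self.reservations: Dict[int, Reservation] = {}
        self._next_id = 1

    def _insert(self, owner_id: int, title: str) -> int:
        rid = self._next_id
        self._next_id += 1
        self.reservations[rid] = Reservation(owner_id=owner_id, title=title)
        return rid

    def save_vulnerable(self, session: Session, form: Dict[str, str]) -> int:
        """Trusts the posted userId and ignores the session: any authenticated
        caller can book on behalf of any other user by editing one field."""
        return self._insert(int(form["userId"]), form.get("title", ""))

    def save_fixed(self, session: Session, form: Dict[str, str]) -> Optional[int]:
        """Derives the owner from the session. A posted userId is honoured
        only when it names the caller or the caller is an administrator;
        anything else is refused (None here, HTTP 403 in a real handler)."""
        try:
            requested = int(form.get("userId", session.user_id))
        except ValueError:
            return None
        if requested != session.user_id and not session.is_admin:
            return None
        return self._insert(requested, form.get("title", ""))


if __name__ == "__main__":
    store = ReservationStore()
    alice = Session(user_id=1)
    rid = store.save_vulnerable(alice, {"userId": "2", "title": "demo"})
    print("vulnerable: owner of new reservation is", store.reservations[rid].owner_id)
    print("fixed:", store.save_fixed(alice, {"userId": "2", "title": "demo"}))
```

The rule the fixed handler applies is the usual one for identifiers in a form: the server already knows who the caller is, so a client-supplied user identifier is an authorisation input to be checked, never the source of truth for ownership.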