|
246921
|
7.5 |
HIGH
Network
|
cloudera
|
cloudera_manager
|
The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. The keystore file itself is not expos…
|
CWE-255
Credentials Management
|
CVE-2017-9326
|
2024-11-21 12:35 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246922
|
7.5 |
HIGH
Network
|
cloudera
|
cdh
|
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.
|
CWE-285
Improper Authorization
|
CVE-2017-9325
|
2024-11-21 12:35 |
2019-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246923
|
9.8 |
CRITICAL
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera Veralite 1.7.481 devices. The device has an additional OpenWRT interface in addition to the standard web interface which allows the highest privileges a user can obtai…
|
CWE-255
Credentials Management
|
CVE-2017-9385
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246924
|
5.4 |
MEDIUM
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a shell script called relay.sh which is used for creating new SSH relays for the device so that the d…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9387
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246925
|
6.5 |
MEDIUM
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a script file called "get_file.sh" which allows a user to retrieve any file stored in the "cmh-ext" f…
|
CWE-22
Path Traversal
|
CVE-2017-9386
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246926
|
9.9 |
CRITICAL
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/po…
|
CWE-287
Improper Authentication
|
CVE-2017-9383
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246927
|
6.5 |
MEDIUM
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/po…
|
CWE-22
Path Traversal
|
CVE-2017-9382
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246928
|
8.8 |
HIGH
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a web user interface that allows a user to manage the device. As a part of the functionality the devi…
|
CWE-77
Command Injection
|
CVE-2017-9384
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246929
|
8.8 |
HIGH
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a user with the capability of installing or deleting apps on the device using the web management inte…
|
CWE-352
Origin Validation Error
|
CVE-2017-9381
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246930
|
8.8 |
HIGH
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a web user interface that allows a user to manage the device. As a part of the functionality the devi…
|
CWE-77
Command Injection
|
CVE-2017-9388
|
2024-11-21 12:35 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
