Merge pull request #2304 from nrathaus/master

Update References and Descriptions
patch-1
Prince Chaddha 2021-08-02 17:07:06 +05:30 committed by GitHub
commit 29aeb0d879
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 0 deletions

View File

@ -4,6 +4,7 @@ info:
author: madrobot author: madrobot
severity: critical severity: critical
tags: hpe,cve,cve2021,bypass tags: hpe,cve,cve2021,bypass
description: A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration. HPE has released a software update to resolve the vulnerability in the HPE Edgeline Infrastructure Manager.
reference: | reference: |
- https://www.tenable.com/security/research/tra-2021-15 - https://www.tenable.com/security/research/tra-2021-15
- https://nvd.nist.gov/vuln/detail/CVE-2021-29203 - https://nvd.nist.gov/vuln/detail/CVE-2021-29203

View File

@ -4,6 +4,7 @@ info:
name: Ivanti Avalanche Directory Traversal name: Ivanti Avalanche Directory Traversal
author: gy741 author: gy741
severity: high severity: high
description: A directory traversal vulnerability in Ivanti Avalanche allows remote unauthenticated user to access files that reside outside the 'image' folder
reference: https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/ reference: https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/
tags: cve,cve2021,avalanche,traversal tags: cve,cve2021,avalanche,traversal

View File

@ -4,6 +4,7 @@ info:
name: Adobe ColdFusion Debug Page XSS name: Adobe ColdFusion Debug Page XSS
author: dhiyaneshDK author: dhiyaneshDK
severity: medium severity: medium
description: The remote Adobe ColdFusion debug page has been left open to unauthenticated users, this could allow remote attackers to trigger a reflected cross site scripting against the visitors of the site.
reference: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/coldfusion-debug-xss.yaml reference: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/coldfusion-debug-xss.yaml
tags: adobe,coldfusion,xss tags: adobe,coldfusion,xss