Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
configuration manager vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv3
CVE-2023-39447
When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-ip Access Policy Manager 17.0.0
F5 Big-ip Guided Configuration 8.0
F5 Big-ip Guided Configuration 6.0
F5 Big-ip Access Policy Manager
F5 Big-ip Guided Configuration
5.3
CVSSv3
CVE-2021-39190
The SCCM plugin for GLPI is a plugin to synchronize computers from SCCM (version 1802) to GLPI. In versions before 2.3.0, the Configuration page is publicly accessible in read-only mode. This issue is patched in version 2.3.0. No known workarounds exist.
Teclib-edition System Center Configuration Manager
8.8
CVSSv3
CVE-2023-29505
An issue exists in Zoho ManageEngine Network Configuration Manager 12.6.165. The WebSocket endpoint allows Cross-site WebSocket hijacking.
Zohocorp Manageengine Network Configuration Manager 12.6
NA
CVE-2013-4022
IBM Data Studio Web Console 3.x prior to 3.2, Optim Performance Manager 5.x prior to 5.2, InfoSphere Optim Configuration Manager 2.x prior to 2.2, and DB2 Recovery Expert 2.x store unspecified authentication information in a cookie, which allows remote authenticated users to bypa...
Ibm Db2 Recovery Expert 2.0
Ibm Infosphere Optim Configuration Manager 2.0
Ibm Optim Performance Manager 5.1.0
Ibm Infosphere Optim Configuration Manager 2.1
Ibm Data Studio Web Console 3.1.0
NA
CVE-2013-4024
IBM Data Studio Web Console 3.x prior to 3.2, Optim Performance Manager 5.x prior to 5.2, InfoSphere Optim Configuration Manager 2.x prior to 2.2, and DB2 Recovery Expert 2.x support HTTP access to the Web Console, which allows remote malicious users to read session cookies by sn...
Ibm Db2 Recovery Expert 2.0
Ibm Infosphere Optim Configuration Manager 2.0
Ibm Infosphere Optim Configuration Manager 2.1
Ibm Data Studio Web Console 3.1.0
Ibm Optim Performance Manager 5.1.0
NA
CVE-2013-4025
IBM Data Studio Web Console 3.x prior to 3.2, Optim Performance Manager 5.x prior to 5.2, InfoSphere Optim Configuration Manager 2.x prior to 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it easier for remote ...
Ibm Infosphere Optim Configuration Manager 2.1
Ibm Data Studio Web Console 3.1.0
Ibm Db2 Recovery Expert 2.0
Ibm Infosphere Optim Configuration Manager 2.0
Ibm Optim Performance Manager 5.1.0
9.8
CVSSv3
CVE-2016-4368
HPE Universal CMDB 10.0 up to and including 10.21, Universal CMDB Configuration Manager 10.0 up to and including 10.21, and Universal Discovery 10.0 up to and including 10.21 allow remote malicious users to execute arbitrary commands via a crafted serialized Java object, related ...
Hp Universal Cmbd Foundation 10.20
Hp Universal Cmbd Foundation 10.11
Hp Universal Cmbd Foundation 10.10
Hp Universal Cmbd Foundation 10.01
Hp Universal Cmbd Foundation 10.0
Hp Universal Cmbd Foundation 10.21
Hp Universal Cmbd Configuration Manager 10.10
Hp Universal Cmbd Configuration Manager 10.11
Hp Universal Cmbd Configuration Manager 10.20
Hp Universal Cmbd Configuration Manager 10.21
Hp Universal Cmbd Configuration Manager 10.01
Hp Universal Cmbd Configuration Manager 10.0
Hp Universal Discovery 10.11
Hp Universal Discovery 10.20
Hp Universal Discovery 10.21
Hp Universal Discovery 10.01
Hp Universal Discovery 10.0
Hp Universal Discovery 10.10
NA
CVE-2007-5413
httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM) Infrastructure 4.0 up to and including 4.2i and Client Configuration Manager (CCM) 2.0 allows remote malicious users to read arbitrary files via URLs containing tilde (~) referenc...
Hp Openview Client Configuraton Manager 2.0
Hp Openview Configuration Management 4.0
Hp Openview Configuration Management 4.1
Hp Openview Configuration Management 4.2i
Hp Openview Configuration Management 4.2
7.5
CVSSv3
CVE-2018-18980
An XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager prior to 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local...
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Network Configuration Manager
5.4
CVSSv3
CVE-2017-14973
IDenticard Two-Reader Controller Configuration Manager 1.18.8 (396) is vulnerable to Stored Cross-Site Scripting (XSS) via the notes field in /~user_handler?file=logged_in.shtm (aka the edit user page).
Identicard Two-reader Controller Configuration Manager 1.18.8 \\(396\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »