Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wipro holmes 20.4.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-38146
The File Download API in Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote malicious users to read arbitrary files via absolute path traversal in the SearchString JSON field in /home/download POST data.
Wipro Holmes 20.4.1
7.5
CVSSv3
CVE-2021-38147
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote malicious users to download arbitrary files, such as reports containing sensitive information, because authentication is not required for API access to processexecution/DownloadExcelFile/Domain_Credential_Report_E...
Wipro Holmes 20.4.1
7.5
CVSSv3
CVE-2021-38283
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote malicious users to read application log files containing sensitive information via a predictable /log URI.
Wipro Holmes 20.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started