Published: 23/12/2020 Updated: 11/04/2024

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

In Solstice Pod prior to 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is directly associated with a negative impact, or instead only facilitates an attack technique

Vulnerable Product	Search on Vulmon	Subscribe to Product
mersive solstice_firmware

Oracle Access Manager Unauthenticated Attacker Vulnerability CVE-2021-35587

CVE-2021-35587 Description POC for CVE-2021-35587: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager create by antx at 2022-03-14 Detail Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent) Easily exploitable vulnerability allows u

NVD-CWE-noinfo https://documentation.mersive.com/content/pages/release-notes.htm https://www.mersive.com/uk/products/solstice/https://attack.mitre.org/techniques/T1444/https://github.com/aress31/solstice-pod-cves https://nvd.nist.gov https://github.com/antx-code/CVE-2021-35587

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-35587

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect