CVE-2019-25029
In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a…
In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a…
In VOS compromised, an attacker at network endpoints can possibly view communications between an unsuspecting user and the service using man-in-the-middle attacks. Usage of unapproved…
In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components…
In Versa Analytics, the cron jobs are used for scheduling tasks by executing commands at specific dates and times on the server. If the job…
In VOS user session identifier (authentication token) is issued to the browser prior to authentication but is not changed after the user successfully logs into…
In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result…
It has been discovered that redhat-certification does not properly limit the number of recursive definitions of entities in XML documents while parsing the status of…
It has been discovered that redhat-certification does not restrict file access in the /update/results page. A remote attacker could use this vulnerability to remove any…
It has been discovered that redhat-certification does not perform an authorization check and it allows an unauthenticated user to remove a "system" file, that is…