A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series (SMT Series ID=18: UPS 09.8 and prior / SMT Series ID=1040: UPS 01.2 and prior / SMT Series…
Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been compromised. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National…
A CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026:…
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL…
Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes…
Microsoft Defender for IoT Elevation of Privilege Vulnerability. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Microsoft Exchange Server Remote Code Execution Vulnerability. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Microsoft Defender for Endpoint Spoofing Vulnerability. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Windows Common Log File System Driver Information Disclosure Vulnerability. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Windows Media Center Update Denial of Service Vulnerability. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Windows Hyper-V Denial of Service Vulnerability. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22010. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database