映射到 CWE-287 的搜索结果 (995)

CVE-2015-6397(发布:2016-08-07 20:59:01)NMS
CVSS9.0

[原文]Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default account, which allows remote authenticated users to obtain root access via a login session with that account, aka Bug IDs CSCuv90139, CSCux58175, and CSCux73557.

CVE-2016-1278(发布:2016-08-05 11:59:05)NMS
CVSS6.9

[原文]Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software" command with the "partition" option.

CVE-2016-4503(发布:2016-07-11 22:00:09)NMS
CVSS5.0

[原文]Moxa Device Server Web Console 5232-N allows remote attackers to bypass authentication, and consequently modify settings and data, via vectors related to reading a cookie parameter containing a UserId value.

CVE-2016-0916(发布:2016-06-09 21:59:02)NMPS
CVSS10.0

[原文]EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance.

CVE-2016-4510(发布:2016-06-09 06:59:03)NMS
CVSS6.4

[原文]The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentication and read arbitrary files via unspecified vectors.

CVE-2016-4432(发布:2016-06-01 16:59:07)NMP
CVSS5.0

[原文]The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.

首页上一页23456789下一页尾页 第4页 / 共166页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站