|
197131
|
5.3 |
MEDIUM
Network
|
hcltech
|
hcl_domino
|
HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the LDAP service…
|
NVD-CWE-noinfo
|
CVE-2020-4129
|
2024-11-21 14:32 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197132
|
5.9 |
MEDIUM
Network
|
hcltech
|
hcl_inotes
|
HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2020-4126
|
2024-11-21 14:32 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197133
|
6.5 |
MEDIUM
Network
|
hcltech
|
hcl_domino
|
HCL Domino is susceptible to a Login CSRF vulnerability. With a valid credential, an attacker could trick a user into accessing a system under another ID or use an intranet user's system to access in…
|
CWE-352
Origin Validation Error
|
CVE-2020-4127
|
2024-11-21 14:32 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197134
|
6.5 |
MEDIUM
Network
|
vmware
|
sd-wan_orchestrator
|
VMware SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. A…
|
CWE-89
SQL Injection
|
CVE-2020-4003
|
2024-11-21 14:32 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197135
|
7.2 |
HIGH
Network
|
vmware
|
sd-wan_orchestrator
|
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privi…
|
NVD-CWE-noinfo
|
CVE-2020-4002
|
2024-11-21 14:32 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197136
|
9.8 |
CRITICAL
Network
|
vmware
|
sd-wan_orchestrator
|
The SD-WAN Orchestrator 3.3.2, 3.4.x, and 4.0.x has default passwords allowing for a Pass-the-Hash Attack. SD-WAN Orchestrator ships with default passwords for predefined accounts which may lead to t…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2020-4001
|
2024-11-21 14:32 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197137
|
8.8 |
HIGH
Network
|
vmware
|
sd-wan_orchestrator
|
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 allows for executing files through directory traversal. An authenticated SD-WAN Orchestrator user is ab…
|
CWE-22
Path Traversal
|
CVE-2020-4000
|
2024-11-21 14:32 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197138
|
8.8 |
HIGH
Network
|
vmware
|
sd-wan_orchestrator
|
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. An authenticated SD-WAN Orches…
|
NVD-CWE-noinfo
|
CVE-2020-3985
|
2024-11-21 14:32 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197139
|
6.5 |
MEDIUM
Network
|
vmware
|
sd-wan_orchestrator
|
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit …
|
CWE-89
SQL Injection
|
CVE-2020-3984
|
2024-11-21 14:32 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197140
|
9.1 |
CRITICAL
Network
|
vmware
|
identity_manager
identity_manager_connector
one_access
vrealize_suite_lifecycle_manager
cloud_foundation
|
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
|
CWE-78
OS Command
|
CVE-2020-4006
|
2024-11-21 14:32 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
