CVE-2022-40147
- EPSS 0.2%
- Veröffentlicht 11.10.2022 11:15:10
- Zuletzt bearbeitet 21.11.2024 07:20:58
A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The affected software does not properly validate the server certificate when initiating a TLS connection. This could allow an attacker to spoof a trusted entit...
- EPSS 94.34%
- Veröffentlicht 14.12.2021 19:15:07
- Zuletzt bearbeitet 12.03.2025 19:52:00
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a n...
- EPSS 94.36%
- Veröffentlicht 10.12.2021 10:15:09
- Zuletzt bearbeitet 08.08.2025 18:52:00
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta...
CVE-2021-37184
- EPSS 0.52%
- Veröffentlicht 14.09.2021 11:15:25
- Zuletzt bearbeitet 21.11.2024 06:14:48
A vulnerability has been identified in Industrial Edge Management (All versions < V1.3). An unauthenticated attacker could change the the password of any user in the system under certain circumstances. With this an attacker could impersonate any vali...