Rapid7

Insightappsec

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-1304

Exploit
  • EPSS 0.15%
  • Veröffentlicht 21.03.2023 17:15:11
  • Zuletzt bearbeitet 25.02.2025 19:15:12

An authenticated attacker can leverage an exposed getattr() method via a Jinja template to smuggle OS commands and perform other actions that are normally expected to be private methods. This issue was resolved in the Managed and SaaS deployments on ...

8.1

CVE-2023-1305

Exploit
  • EPSS 0.12%
  • Veröffentlicht 21.03.2023 17:15:11
  • Zuletzt bearbeitet 26.02.2025 17:15:15

An authenticated attacker can leverage an exposed “box” object to read and write arbitrary files from disk, provided those files can be parsed as yaml or JSON. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in ve...

8.8

CVE-2023-1306

Exploit
  • EPSS 0.26%
  • Veröffentlicht 21.03.2023 17:15:11
  • Zuletzt bearbeitet 26.02.2025 17:15:15

An authenticated attacker can leverage an exposed resource.db() accessor method to smuggle Python method calls via a Jinja template, which can lead to code execution. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, an...

9.3

CVE-2019-5631

  • EPSS 0.11%
  • Veröffentlicht 19.08.2019 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:45:16

The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. If exploited, a local user of the system (who must already be authenticated to the operating system) can elevate their privilege...