Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5
CVE-2025-30235
- EPSS 0.06%
- Veröffentlicht 19.03.2025 00:00:00
- Zuletzt bearbeitet 19.03.2025 06:15:16
Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have had more than 10 failed authentication attempts, but instead allows hundreds of failed authentication attempts, because concurrent attempts are mishandle...
8.6
CVE-2025-30236
- EPSS 0.15%
- Veröffentlicht 19.03.2025 00:00:00
- Zuletzt bearbeitet 19.03.2025 07:15:34
Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SESSION parameter.
- EPSS 0.13%
- Veröffentlicht 21.03.2019 16:00:28
- Zuletzt bearbeitet 30.05.2025 16:15:23
An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode and used for RDP connections, the application stores the emergency credentials in cleartext in the logs (present in the DEBUG folder) that can be accessed by anyone. NO...
1