Vulnerabilities (CVE)

Filtered by vendor Xorux Subscribe

Filtered by product Stor2rrd

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-42370	1 Xorux	2 Lpar2rrd, Stor2rrd	2022-07-29	4.3 MEDIUM	7.5 HIGH
A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because cleartext information is present in HTML password input fields in the device properties. (Viewing the passwords requires configuring a web browser to display HTML password input fields.)
CVE-2021-42372	1 Xorux	2 Lpar2rrd, Stor2rrd	2021-11-10	9.0 HIGH	8.8 HIGH
A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the service.