Zenoss - Zenoss CVE

Filtered by vendor Zenoss Subscribe

Filtered by product Zenoss

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-14258	1 Zenoss	1 Zenoss	2019-08-30	5.0 MEDIUM	7.5 HIGH
The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that lead to unauthenticated information disclosure via port 9988.
CVE-2019-14257	1 Zenoss	1 Zenoss	2019-08-27	7.2 HIGH	7.8 HIGH
pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying environment variables to redirect execution before privileges are dropped, aka ZEN-31765.

Vulnerabilities (CVE)