Search
Total
65 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6971 | 1 Backupbliss | 1 Backup Migration | 2023-12-29 | N/A | 9.8 CRITICAL |
| The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. NOTE: Successful exploitation of this vulnerability requires that the target server's php.ini is configured with 'allow_url_include' set to 'on'. This feature is deprecated as of PHP 7.4 and is disabled by default, but can still be explicitly enabled in later versions of PHP. | |||||
| CVE-2023-4591 | 1 Wpn-xm | 1 Wpn-xm | 2023-11-13 | N/A | 9.8 CRITICAL |
| A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion (LFI) via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the loading of a PHP file on the server, leading to a critical webshell exploit. | |||||
| CVE-2023-40195 | 2023-08-28 | N/A | N/A | ||
| Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Software Foundation Apache Airflow Spark Provider. When the Apache Spark provider is installed on an Airflow deployment, an Airflow user that is authorized to configure Spark hooks can effectively run arbitrary code on the Airflow node by pointing it at a malicious Spark server. Prior to version 4.1.3, this was not called out in the documentation explicitly, so it is possible that administrators provided authorizations to configure Spark hooks without taking this into account. We recommend administrators to review their configurations to make sure the authorization to configure Spark hooks is only provided to fully trusted users. To view the warning in the docs please visit https://airflow.apache.org/docs/apache-airflow-providers-apache-spark/4.1.3/connections/spark.html | |||||
| CVE-2022-22308 | 1 Ibm | 1 Planning Analytics | 2023-08-08 | 6.8 MEDIUM | 7.8 HIGH |
| IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. IBM X-Force ID: 216891. | |||||
| CVE-2022-33317 | 2 Iconics, Mitsubishielectric | 2 Genesis64, Mc Works64 | 2022-07-27 | N/A | 7.8 HIGH |
| Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious script codes. | |||||
| CVE-2022-30243 | 1 Honeywell | 2 Alterton Visual Logic, Alterton Visual Logic Firmware | 2022-07-22 | N/A | 8.8 HIGH |
| Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller's function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. | |||||
| CVE-2022-30244 | 1 Honeywell | 2 Alerton Ascent Control Module, Alerton Ascent Control Module Firmware | 2022-07-22 | N/A | 8.0 HIGH |
| Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller's function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function. | |||||
| CVE-2022-31156 | 1 Gradle | 1 Gradle | 2022-07-20 | N/A | 4.4 MEDIUM |
| Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, there are some cases in which Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This can occur in two ways. When signature verification is disabled but the verification metadata contains entries for dependencies that only have a `gpg` element but no `checksum` element. When signature verification is enabled, the verification metadata contains entries for dependencies with a `gpg` element but there is no signature file on the remote repository. In both cases, the verification will accept the dependency, skipping signature verification and not complaining that the dependency has no checksum entry. For builds that are vulnerable, there are two risks. Gradle could download a malicious binary from a repository outside your organization due to name squatting. For those still using HTTP only and not HTTPS for downloading dependencies, the build could download a malicious library instead of the expected one. Gradle 7.5 patches this issue by making sure to run checksum verification if signature verification cannot be completed, whatever the reason. Two workarounds are available: Remove all `gpg` elements from dependency verification metadata if you disable signature validation and/or avoid adding `gpg` entries for dependencies that do not have signature files. | |||||
| CVE-2021-41037 | 1 Eclipse | 1 Equinox P2 | 2022-07-15 | 6.8 MEDIUM | 8.0 HIGH |
| In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. Those touchpoints can, for example, alter the command-line used to start the application, injecting things like agent or other settings that usually require particular attention in term of security. Although p2 has built-in strategies to ensure artifacts are signed and then to help establish trust, there is no such strategy for the metadata part that does configure such touchpoints. As a result, it's possible to install a unit that will run malicious code during installation without user receiving any warning about this installation step being risky when coming from untrusted source. | |||||
| CVE-2020-25414 | 1 Monstra | 1 Monstra | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code. | |||||
| CVE-2020-24985 | 1 Quadbase | 1 Espressdashboard | 2022-07-12 | 5.5 MEDIUM | 8.1 HIGH |
| An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retrieve and execute external files or payloads. | |||||
| CVE-2020-5295 | 1 Octobercms | 1 October | 2022-06-30 | 4.0 MEDIUM | 4.9 MEDIUM |
| In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission. Issue has been patched in Build 466 (v1.0.466). | |||||
| CVE-2018-11040 | 3 Debian, Oracle, Vmware | 28 Debian Linux, Agile Product Lifecycle Management, Application Testing Suite and 25 more | 2022-06-23 | 4.3 MEDIUM | 7.5 HIGH |
| Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser requests. Both are not enabled by default in Spring Framework nor Spring Boot, however, when MappingJackson2JsonView is configured in an application, JSONP support is automatically ready to use through the "jsonp" and "callback" JSONP parameters, enabling cross-domain requests. | |||||
| CVE-2021-4229 | 1 Ua-parser-js Project | 1 Ua-parser-js | 2022-06-06 | 7.6 HIGH | 8.8 HIGH |
| A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2022-29845 | 1 Ipswitch | 1 Whatsup Gold | 2022-05-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file. | |||||
| CVE-2021-30121 | 1 Kaseya | 1 Vsa | 2022-04-29 | 4.0 MEDIUM | 6.5 MEDIUM |
| Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\Kaseya\WebPages\dl.asp` A valid sessionId is required but can be easily obtained via CVE-2021-30118 | |||||
| CVE-2021-21804 | 1 Advantech | 1 R-seenet | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacker can send a crafted HTTP request to trigger this vulnerability. | |||||
| CVE-2021-33626 | 2 Insyde, Siemens | 33 Insydeh2o, Ruggedcom Apr1808, Ruggedcom Apr1808 Firmware and 30 more | 2022-04-24 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated buffer pointer(QWORD values for CommBuffer). This can be used by an attacker to corrupt data in SMRAM memory and even lead to arbitrary code execution. | |||||
| CVE-2021-41841 | 1 Insyde | 1 Insydeh2o | 2022-02-24 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of Inclusion of Functionality from an Untrusted Control Sphere. | |||||
| CVE-2022-23630 | 1 Gradle | 1 Gradle | 2022-02-17 | 6.0 MEDIUM | 7.5 HIGH |
| Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled on one or more configurations and those configurations have common dependencies with other configurations that have dependency verification enabled. If the configuration that has dependency verification disabled is resolved first, Gradle does not verify the common dependencies for the configuration that has dependency verification enabled. Gradle 7.4 fixes that issue by validating artifacts at least once if they are present in a resolved configuration that has dependency verification active. For users who cannot update either do not use `ResolutionStrategy.disableDependencyVerification()` and do not use plugins that use that method to disable dependency verification for a single configuration or make sure resolution of configuration that disable that feature do not happen in builds that resolve configuration where the feature is enabled. | |||||
| CVE-2021-26272 | 2 Ckeditor, Oracle | 10 Ckeditor, Agile Plm, Application Express and 7 more | 2022-02-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin). | |||||
| CVE-2021-42133 | 1 Ivanti | 1 Avalanche | 2021-12-09 | 5.5 MEDIUM | 8.1 HIGH |
| An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write. | |||||
| CVE-2021-41256 | 1 Nextcloud | 1 News | 2021-12-02 | 5.8 MEDIUM | 7.1 HIGH |
| nextcloud news-android is an Android client for the Nextcloud news/feed reader app. In affected versions the Nextcloud News for Android app has a security issue by which a malicious application installed on the same device can send it an arbitrary Intent that gets reflected back, unintentionally giving read and write access to non-exported Content Providers in Nextcloud News for Android. Users should upgrade to version 0.9.9.63 or higher as soon as possible. | |||||
| CVE-2020-4561 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2021-12-02 | 7.5 HIGH | 10.0 CRITICAL |
| IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. This allows a remote attacker who can access a valid CA endpoint to read and write files to the Cognos Analytics system. IBM X-Force ID: 183903. | |||||
| CVE-2021-30507 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2021-12-02 | 6.8 MEDIUM | 8.8 HIGH |
| Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | |||||
| CVE-2021-41569 | 1 Sas | 1 Sas\/intrnet | 2021-12-02 | 5.0 MEDIUM | 7.5 HIGH |
| SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro. Users can escape the context of the configured user-controllable variable and append additional functions native to the macro but not included as variables within the library. This includes a function that retrieves files from the host OS. | |||||
| CVE-2021-26271 | 2 Ckeditor, Oracle | 7 Ckeditor, Agile Plm, Application Express and 4 more | 2021-12-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin). | |||||
| CVE-2021-20843 | 2 Ntt-west, Yamaha | 16 Biz Box Nvr510, Biz Box Nvr510 Firmware, Biz Box Nvr700w and 13 more | 2021-11-30 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to alter the settings of the product via a specially crafted web page. | |||||
| CVE-2020-16152 | 1 Extremenetworks | 1 Aerohive Netconfig | 2021-11-18 | 10.0 HIGH | 9.8 CRITICAL |
| The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file. | |||||
| CVE-2021-29427 | 2 Gradle, Quarkus | 2 Gradle, Quarkus | 2021-10-20 | 6.0 MEDIUM | 7.2 HIGH |
| In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository content filtering is a security control Gradle introduced to help users specify what repositories are used to resolve specific dependencies. This feature was introduced in the wake of the "A Confusing Dependency" blog post. In some cases, Gradle may ignore content filters and search all repositories for dependencies. This only occurs when repository content filtering is used from within a `pluginManagement` block in a settings file. This may change how dependencies are resolved for Gradle plugins and build scripts. For builds that are vulnerable, there are two risks: 1) Information disclosure: Gradle could make dependency requests to repositories outside your organization and leak internal package identifiers. 2) Dependency poisoning/Dependency confusion: Gradle could download a malicious binary from a repository outside your organization due to name squatting. For a full example and more details refer to the referenced GitHub Security Advisory. The problem has been patched and released with Gradle 7.0. Users relying on this feature should upgrade their build as soon as possible. As a workaround, users may use a company repository which has the right rules for fetching packages from public repositories, or use project level repository content filtering, inside `buildscript.repositories`. This option is available since Gradle 5.1 when the feature was introduced. | |||||
| CVE-2021-38360 | 1 Wp-publications Project | 1 Wp-publications | 2021-09-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the Q_FILE parameter found in the ~/bibtexbrowser.php file which allows attackers to include local zip files and achieve remote code execution, in versions up to and including 0.0. | |||||
| CVE-2021-29777 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Db2 and 3 more | 2021-09-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5, under specific circumstance of a table being dropped while being accessed in another session, could allow an authenticated user to cause a denial of srevice IBM X-Force ID: 203031. | |||||
| CVE-2021-3603 | 2 Fedoraproject, Phpmailer Project | 2 Fedora, Phpmailer | 2021-09-20 | 6.8 MEDIUM | 8.1 HIGH |
| PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called (if such code is injected into the host project's scope by other means). If the $patternselect parameter to validateAddress() is set to 'php' (the default, defined by PHPMailer::$validator), and the global namespace contains a function called php, it will be called in preference to the built-in validator of the same name. Mitigated in PHPMailer 6.5.0 by denying the use of simple strings as validator function names. | |||||
| CVE-2021-32802 | 1 Nextcloud | 1 Nextcloud | 2021-09-14 | 10.0 HIGH | 9.8 CRITICAL |
| Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content. There are several security concerns with passing user-generated content to this library, such as Server-Side-Request-Forgery, file disclosure or potentially executing code on the system. The risk depends on your system configuration and the installed library version. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. These versions do not use this library anymore. As a workaround users may disable previews by setting `enable_previews` to `false` in `config.php`. | |||||
| CVE-2021-34398 | 1 Nvidia | 1 Data Center Gpu Manager | 2021-08-27 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA DCGM, all versions prior to 2.2.9, contains a vulnerability in the DIAG module where any user can inject shared libraries into the DCGM server, which is usually running as root, which may lead to privilege escalation, total loss of confidentiality and integrity, and complete denial of service. | |||||
| CVE-2021-34692 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2021-07-26 | 7.2 HIGH | 7.8 HIGH |
| iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges. | |||||
| CVE-2019-17014 | 1 Mozilla | 1 Firefox | 2021-07-21 | 4.3 MEDIUM | 7.4 HIGH |
| If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox < 71. | |||||
| CVE-2021-28162 | 1 Eclipse | 1 Theia | 2021-03-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run. | |||||
| CVE-2021-20443 | 3 Ibm, Linux, Microsoft | 3 Maximo For Civil Infrastructure, Linux Kernel, Windows | 2021-02-22 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library) from a source that is outside of the intended control sphere. IBM X-Force ID: 196619. | |||||
| CVE-2019-5479 | 1 Larvit | 1 Larvitbase | 2020-10-16 | 5.0 MEDIUM | 7.5 HIGH |
| An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file). | |||||
| CVE-2020-25788 | 1 Tt-rss | 1 Tiny Tiny Rss | 2020-09-29 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message. | |||||
| CVE-2019-13589 | 1 Anjlab | 1 Paranoid2 | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The paranoid2 gem 1.1.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.1.5. | |||||
| CVE-2019-15839 | 1 Shaosina | 1 Sina Extension For Elementor | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| The sina-extension-for-elementor plugin before 2.2.1 for WordPress has local file inclusion. | |||||
| CVE-2019-4263 | 1 Ibm | 1 Content Navigator | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Content Navigator 3.0CD is vulnerable to local file inclusion, allowing an attacker to access a configuration file in the ICN server. IBM X-Force ID: 160015. | |||||
| CVE-2019-8154 | 1 Magento | 1 Magento | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to modify product catalogs can trigger PHP file inclusion through a crafted XML file that specifies product design update. | |||||
| CVE-2019-11591 | 1 Web-dorado | 1 Contact Form | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| The WebDorado Contact Form plugin before 1.13.5 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $_POST['action'] value and the $_GET['action'] value, and the latter is unsanitized. | |||||
| CVE-2019-11590 | 1 10web | 1 Form Maker | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| The 10Web Form Maker plugin before 1.13.5 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $_POST['action'] value and the $_GET['action'] value, and the latter is unsanitized. | |||||
| CVE-2018-8351 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. | |||||
| CVE-2018-7422 | 1 Siteeditor | 1 Site Editor | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal. | |||||
| CVE-2020-13175 | 1 Teradici | 2 Cloud Access Connector, Cloud Access Connector Legacy | 2020-08-14 | 5.0 MEDIUM | 7.5 HIGH |
| The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request. | |||||