Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27904 | 2 Apple, Automox | 2 Macos, Automox | 2022-07-21 | 6.9 MEDIUM | 7.0 HIGH |
| Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process. | |||||
| CVE-2021-26909 | 1 Automox | 1 Automox | 2022-04-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing sensitive files, which could be brute-forced by an attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent. | |||||
| CVE-2021-43326 | 2 Automox, Microsoft | 2 Automox, Windows | 2022-01-05 | 4.6 MEDIUM | 7.8 HIGH |
| Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory. | |||||
| CVE-2021-43325 | 2 Automox, Microsoft | 2 Automox, Windows | 2021-12-17 | 4.6 MEDIUM | 7.8 HIGH |
| Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. NOTE: this issue exists because of a CVE-2021-43326 regression. | |||||
| CVE-2021-26908 | 1 Automox | 1 Automox | 2021-05-05 | 2.1 LOW | 3.3 LOW |
| Automox Agent prior to version 31 logs potentially sensitive information in local log files, which could be used by a locally-authenticated attacker to subvert an organization's security program. The issue has since been fixed in version 31 of the Automox Agent. | |||||