Количество 13
Количество 13
BDU:2024-02823
Уязвимость компонента pmproxy программного обеспечения мониторинга и визуализация производительности Performance Co-Pilot (PCP), позволяющая нарушителю выполнять произвольные команды
ROS-20240904-14
Множественные уязвимости pcp
CVE-2024-3019
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
CVE-2024-3019
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
CVE-2024-3019
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
CVE-2024-3019
A flaw was found in PCP. The default pmproxy configuration exposes the ...
RLSA-2024:3264
Important: pcp security update
RLSA-2024:2566
Important: pcp security, bug fix, and enhancement update
GHSA-g58w-wr93-q367
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
ELSA-2024-3264
ELSA-2024-3264: pcp security update (IMPORTANT)
ELSA-2024-2566
ELSA-2024-2566: pcp security, bug fix, and enhancement update (IMPORTANT)
SUSE-SU-2024:3976-1
Security update for pcp
SUSE-SU-2024:3533-1
Security update for pcp
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-02823 Уязвимость компонента pmproxy программного обеспечения мониторинга и визуализация производительности Performance Co-Pilot (PCP), позволяющая нарушителю выполнять произвольные команды | CVSS3: 9.8 | 0% Низкий | больше 1 года назад |
 | ROS-20240904-14 Множественные уязвимости pcp | CVSS3: 9.8 | 10 месяцев назад | |
 | CVE-2024-3019 A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer. | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
 | CVE-2024-3019 A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer. | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
 | CVE-2024-3019 A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer. | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
| CVE-2024-3019 A flaw was found in PCP. The default pmproxy configuration exposes the ... | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
 | RLSA-2024:3264 Important: pcp security update | 0% Низкий | около 1 года назад | |
| RLSA-2024:2566 Important: pcp security, bug fix, and enhancement update | 0% Низкий | около 1 года назад | |
| GHSA-g58w-wr93-q367 A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer. | CVSS3: 8.8 | 0% Низкий | около 1 года назад |
| ELSA-2024-3264 ELSA-2024-3264: pcp security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-2566 ELSA-2024-2566: pcp security, bug fix, and enhancement update (IMPORTANT) | около 1 года назад | ||
 | SUSE-SU-2024:3976-1 Security update for pcp | 8 месяцев назад | ||
| SUSE-SU-2024:3533-1 Security update for pcp | 9 месяцев назад |
Уязвимостей на страницу