Количество 3
Количество 3
CVE-2012-10048
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen() call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user.
CVE-2012-10048
Zenoss Core 3.x contains a command injection vulnerability in the show ...
GHSA-r65h-f3rc-mqmw
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen() call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2012-10048 Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen() call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user. | 50% Средний | 6 месяцев назад | |
| CVE-2012-10048 Zenoss Core 3.x contains a command injection vulnerability in the show ... | 50% Средний | 6 месяцев назад | |
| GHSA-r65h-f3rc-mqmw Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen() call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user. | 50% Средний | 6 месяцев назад |
Уязвимостей на страницу