exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2021-34337

почти 3 года назад

An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces.

CVSS3: 6.3

EPSS: Низкий

CVE-2021-34337

около 4 лет назад

An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces.

CVSS3: 7.4

EPSS: Низкий

CVE-2021-34337

почти 3 года назад

An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces.

CVSS3: 6.3

EPSS: Низкий

CVE-2021-34337

почти 3 года назад

An issue was discovered in Mailman Core before 3.3.5. An attacker with ...

CVSS3: 6.3

EPSS: Низкий

GHSA-2jg5-xgvv-4wq7

почти 3 года назад

Mailman Core vulnerable to timing attacks

CVSS3: 6.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-34337 An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces.	CVSS3: 6.3	1% Низкий	почти 3 года назад
CVE-2021-34337 An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces.	CVSS3: 7.4	1% Низкий	около 4 лет назад
CVE-2021-34337 An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces.	CVSS3: 6.3	1% Низкий	почти 3 года назад
CVE-2021-34337 An issue was discovered in Mailman Core before 3.3.5. An attacker with ...	CVSS3: 6.3	1% Низкий	почти 3 года назад
GHSA-2jg5-xgvv-4wq7 Mailman Core vulnerable to timing attacks	CVSS3: 6.3	1% Низкий	почти 3 года назад

Уязвимостей на страницу