Skip to main content

Cloud Agent

6 CVEs product

Monthly

CVE-2023-28143 HIGH This Week

Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7) installer allows a local escalation of privilege bounded only to the time of installation and only on older macOSX (macOS 10.15 and older). Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Apple Cloud Agent
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2023-28142 HIGH This Week

A Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and before 4.5.3.1. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Microsoft Cloud Agent
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2023-28141 MEDIUM This Month

An NTFS Junction condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.8.0.31. Rated medium severity (CVSS 6.3). No vendor patch available.

Information Disclosure Microsoft Cloud Agent
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2023-28140 HIGH This Week

An Executable Hijacking condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Microsoft Cloud Agent
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-29550 MEDIUM This Month

An issue was discovered in Qualys Cloud Agent 4.8.0-49. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cloud Agent
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-35464 CRITICAL Act Now

Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Docker Authentication Bypass Cloud Agent
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
EPSS 0% CVSS 7.0
HIGH This Week

Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7) installer allows a local escalation of privilege bounded only to the time of installation and only on older macOSX (macOS 10.15 and older). Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Apple Cloud Agent
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and before 4.5.3.1. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Privilege Escalation Microsoft +1
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

An NTFS Junction condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.8.0.31. Rated medium severity (CVSS 6.3). No vendor patch available.

Information Disclosure Microsoft Cloud Agent
NVD
EPSS 0% CVSS 7.0
HIGH This Week

An Executable Hijacking condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Privilege Escalation Microsoft Cloud Agent
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered in Qualys Cloud Agent 4.8.0-49. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cloud Agent
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Docker Authentication Bypass Cloud Agent
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy