Skip to main content

Endpoint

2 CVEs product

Monthly

CVE-2023-46668 CRITICAL Act Now

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Elastic Information Disclosure Endpoint
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2022-36670 MEDIUM POC This Month

PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Privilege Escalation Endpoint
NVD
CVSS 3.1
6.7
EPSS
0.3%
EPSS 0% CVSS 9.1
CRITICAL Act Now

If Elastic Endpoint (v7.9.0 - v8.10.3) is configured to use a non-default option in which the logging level is explicitly set to debug, and when Elastic Agent is simultaneously configured to collect. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Elastic Information Disclosure Endpoint
NVD
EPSS 0% CVSS 6.7
MEDIUM POC This Month

PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Privilege Escalation Endpoint
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy