Lemur
Monthly
Netflix Lemur before version 1.3.2 used insufficiently random values when generating default credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting AES in CBC mode. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Netflix Lemur before version 1.3.2 used insufficiently random values when generating default credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting AES in CBC mode. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.