Skip to main content

Management Console

7 CVEs product

Monthly

CVE-2024-21957 HIGH This Week

Incorrect default permissions in the AMD Management Console installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd Management Console
NVD
CVSS 3.1
7.3
EPSS
0.3%
CVE-2018-10176 MEDIUM POC This Month

Digital Guardian Management Console 7.1.2.0015 has a Directory Traversal issue. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Management Console
NVD
CVSS 3.0
6.5
EPSS
2.3%
CVE-2018-10175 MEDIUM This Month

Digital Guardian Management Console 7.1.2.0015 has an XXE issue. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Management Console
NVD
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-10174 MEDIUM This Month

Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Management Console
NVD
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-10173 HIGH POC This Week

Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because of Arbitrary File Upload functionality. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Management Console
NVD
CVSS 3.0
8.8
EPSS
5.4%
CVE-2017-15527 MEDIUM This Month

Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation /. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Management Console
NVD
CVSS 3.0
6.8
EPSS
0.5%
CVE-2015-7303 CRITICAL Act Now

Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.4% and no vendor patch available.

RCE Management Console
NVD
CVSS 2.0
10.0
EPSS
12.4%
EPSS 0% CVSS 7.3
HIGH This Week

Incorrect default permissions in the AMD Management Console installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Amd +1
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

Digital Guardian Management Console 7.1.2.0015 has a Directory Traversal issue. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Management Console
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Digital Guardian Management Console 7.1.2.0015 has an XXE issue. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Management Console
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Management Console
NVD
EPSS 5% CVSS 8.8
HIGH POC This Week

Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because of Arbitrary File Upload functionality. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Management Console
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation /. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Management Console
NVD
EPSS 12% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.4% and no vendor patch available.

RCE Management Console
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy