Skip to main content

Plextrac

11 CVEs product

Monthly

CVE-2024-12687 HIGH This Week

Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file writes.61.3 before 2.8.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Plextrac
NVD
CVSS 4.0
8.6
EPSS
0.6%
CVE-2024-11839 HIGH This Week

Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file writes.61.3 before 2.8.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Plextrac
NVD
CVSS 4.0
8.6
EPSS
0.3%
CVE-2024-11838 HIGH This Week

External Control of File Name or Path vulnerability in PlexTrac allows Local Code Inclusion through use of an undocumented API endpoint.61.3 before 2.8.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Plextrac
NVD
CVSS 4.0
8.6
EPSS
0.4%
CVE-2024-11837 HIGH This Week

Improper Neutralization of Special Elements used in an N1QL Command ('N1QL Injection') vulnerability in PlexTrac allows N1QL Injection.61.3 before 2.8.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Plextrac
NVD
CVSS 4.0
8.6
EPSS
0.5%
CVE-2024-11836 HIGH This Week

Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system resources.61.3 before 2.8.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Plextrac
NVD
CVSS 4.0
8.6
EPSS
0.3%
CVE-2024-11835 HIGH This Week

Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.61.3 before 2.8.1. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Plextrac
NVD
CVSS 4.0
7.0
EPSS
0.4%
CVE-2024-11834 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PlexTrac allows arbitrary file writes.61.3 before 2.8.1. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Plextrac
NVD
CVSS 4.0
8.9
EPSS
0.5%
CVE-2024-11833 HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PlexTrac allows arbitrary file writes.61.3 before 2.8.1. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Plextrac
NVD
CVSS 4.0
8.9
EPSS
0.5%
CVE-2022-37146 MEDIUM This Month

The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Plextrac
NVD VulDB
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-37145 HIGH This Week

The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts for accounts configured to use the PlexTrac authentication provider. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Plextrac
NVD VulDB
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-37144 HIGH This Week

The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Plextrac
NVD VulDB
CVSS 3.1
8.8
EPSS
0.8%
EPSS 1% CVSS 8.6
HIGH This Week

Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file writes.61.3 before 2.8.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Plextrac
NVD
EPSS 0% CVSS 8.6
HIGH This Week

Deserialization of Untrusted Data vulnerability in PlexTrac (Runbooks modules) which allows Object Injection and arbitrary file writes.61.3 before 2.8.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Plextrac
NVD
EPSS 0% CVSS 8.6
HIGH This Week

External Control of File Name or Path vulnerability in PlexTrac allows Local Code Inclusion through use of an undocumented API endpoint.61.3 before 2.8.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Plextrac
NVD
EPSS 0% CVSS 8.6
HIGH This Week

Improper Neutralization of Special Elements used in an N1QL Command ('N1QL Injection') vulnerability in PlexTrac allows N1QL Injection.61.3 before 2.8.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Plextrac
NVD
EPSS 0% CVSS 8.6
HIGH This Week

Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system resources.61.3 before 2.8.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Plextrac
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Uncontrolled Resource Consumption vulnerability in PlexTrac allows WebSocket DoS.61.3 before 2.8.1. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Plextrac
NVD
EPSS 0% CVSS 8.9
HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PlexTrac allows arbitrary file writes.61.3 before 2.8.1. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Plextrac
NVD
EPSS 0% CVSS 8.9
HIGH This Week

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PlexTrac allows arbitrary file writes.61.3 before 2.8.1. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Plextrac
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Plextrac
NVD VulDB
EPSS 1% CVSS 7.5
HIGH This Week

The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts for accounts configured to use the PlexTrac authentication provider. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Plextrac
NVD VulDB
EPSS 1% CVSS 8.8
HIGH This Week

The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Plextrac
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy