Skip to main content

Securewatch Managed Services

2 CVEs product

Monthly

CVE-2021-38137 HIGH This Week

Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns-monitor user’s privileges, allowing a user to perform actions not belonging to his role. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Securewatch Managed Services
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2021-38136 MEDIUM POC This Month

Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the snap_file parameter in the /it-IT/splunkd/__raw/services/get_snapshot HTTP API endpoint. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Securewatch Managed Services
NVD
CVSS 3.1
6.5
EPSS
1.2%
EPSS 1% CVSS 8.1
HIGH This Week

Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns-monitor user’s privileges, allowing a user to perform actions not belonging to his role. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Securewatch Managed Services
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the snap_file parameter in the /it-IT/splunkd/__raw/services/get_snapshot HTTP API endpoint. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Securewatch Managed Services
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy