Skip to main content

Sentinel

6 CVEs product

Monthly

CVE-2026-0611 CRITICAL PATCH Act Now

Unauthenticated remote code execution in Spacelabs Healthcare Sentinel (versions 10.5.x and 11.x prior to 11.6.0) allows network attackers to drop ASPX webshells into the IIS wwwroot via a legacy .NET Remoting HTTP channel on TCP/8989. The flaw stems from missing authentication (CWE-306) on a deprecated Microsoft remoting endpoint, and while a vendor patch is available, no public exploit identified at time of analysis. Exploitation requires that port 8989 has been deliberately exposed to the network, since it is not reachable in default Sentinel deployments.

RCE Authentication Bypass Sentinel
NVD
CVSS 4.0
9.2
EPSS
0.2%
CVE-2018-7675 MEDIUM This Month

In NetIQ Sentinel before 8.1.x, a Sentinel user is logged into the Sentinel Web Interface. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Sentinel
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2017-5185 HIGH This Week

A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow remote denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Sentinel
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2017-5184 MEDIUM This Month

A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow leakage of information (account enumeration). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sentinel
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-1605 MEDIUM This Month

Directory traversal vulnerability in the ReportViewServlet servlet in the server in NetIQ Sentinel 7.4.x before 7.4.2 allows remote attackers to read arbitrary files via a PREVIEW value for the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Sentinel
NVD
CVSS 3.0
6.5
EPSS
0.8%
CVE-2014-3460 MEDIUM This Month

Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal RCE Sentinel Sentinel Agent Manager
NVD
CVSS 2.0
6.8
EPSS
0.9%
EPSS 0% CVSS 9.2
CRITICAL PATCH Act Now

Unauthenticated remote code execution in Spacelabs Healthcare Sentinel (versions 10.5.x and 11.x prior to 11.6.0) allows network attackers to drop ASPX webshells into the IIS wwwroot via a legacy .NET Remoting HTTP channel on TCP/8989. The flaw stems from missing authentication (CWE-306) on a deprecated Microsoft remoting endpoint, and while a vendor patch is available, no public exploit identified at time of analysis. Exploitation requires that port 8989 has been deliberately exposed to the network, since it is not reachable in default Sentinel deployments.

RCE Authentication Bypass Sentinel
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

In NetIQ Sentinel before 8.1.x, a Sentinel user is logged into the Sentinel Web Interface. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Sentinel
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow remote denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Sentinel
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow leakage of information (account enumeration). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sentinel
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Directory traversal vulnerability in the ReportViewServlet servlet in the server in NetIQ Sentinel 7.4.x before 7.4.2 allows remote attackers to read arbitrary files via a PREVIEW value for the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Sentinel
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote attackers to create arbitrary files, and consequently. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal RCE Sentinel +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy