VYPR

Enterprise Security API

by Trustwave

CVEs (4)

  • CVE-2024-22164Jan 9, 2024
    risk 0.00cvss epss 0.00

    In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the…

  • CVE-2024-22165Jan 9, 2024
    risk 0.00cvss epss 0.01

    In Splunk Enterprise Security (ES) versions lower than 7.1.2, an attacker can create a malformed Investigation to perform a denial of service (DoS). The malformed investigation prevents the generation and rendering of the Investigations manager until it is deleted.The…

  • CVE-2013-5960Sep 30, 2013
    risk 0.00cvss epss 0.02

    The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0.1 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended…

  • CVE-2013-5679Sep 30, 2013
    risk 0.00cvss epss 0.02

    The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended…