VYPR

Uptime Infrastructure Monitor

by Idera

CVEs (7)

  • CVE-2017-11471CriJul 20, 2017
    risk 0.67cvss 9.8epss 0.01

    IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.

  • CVE-2017-11470CriJul 20, 2017
    risk 0.67cvss 9.8epss 0.01

    IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.

  • CVE-2017-11469HigJul 20, 2017
    risk 0.52cvss 7.5epss 0.05

    get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.

  • CVE-2015-8268HigJun 10, 2016
    risk 0.49cvss 7.5epss 0.03

    The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 on Linux allows remote attackers to read arbitrary files via unspecified vectors.

  • CVE-2015-2895HigDec 31, 2015
    risk 0.48cvss 7.3epss 0.02

    Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow remote attackers to execute arbitrary code via long command input.

  • CVE-2015-2896MedDec 31, 2015
    risk 0.35cvss 5.3epss 0.01

    The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command.

  • CVE-2015-2894MedDec 31, 2015
    risk 0.35cvss 5.3epss 0.01

    Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a denial of service (application crash) via format string specifiers.