Clustercontrol
by Severalnines
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-41628 | Hig | 0.56 | 7.5 | 0.06 | Jul 26, 2024 | Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. | ||
| CVE-2018-10817 | Med | 0.40 | 6.1 | 0.01 | May 9, 2018 | Severalnines ClusterControl before 1.6.0-4699 allows XSS. |
- risk 0.56cvss 7.5epss 0.06
Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API.
- risk 0.40cvss 6.1epss 0.01
Severalnines ClusterControl before 1.6.0-4699 allows XSS.