VYPR

Vendor CVEs

Baramundi

All CVEs

57 total · sorted by risk
  • CVE-2019-3769Mar 13, 2020
    risk 0.00cvss epss 0.01

    Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user with low privileges could exploit this vulnerability to store malicious payload in the device heartbeat request. When victim users access…

  • CVE-2016-6588Jan 8, 2020
    risk 0.00cvss epss 0.01

    A Cross-Site Scripting (XSS) vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8.0.

  • CVE-2016-6589Jan 8, 2020
    risk 0.00cvss epss 0.02

    A Denial of Service vulnerability exists in the ITMS workflow process manager login window in Symantec IT Management Suite 8.0.

  • CVE-2016-6590Jan 8, 2020
    risk 0.00cvss epss 0.00

    A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7,…

  • CVE-2013-3625Oct 3, 2013
    risk 0.00cvss epss 0.01

    An unspecified DLL file in Baramundi Management Suite 7.5 through 8.9 uses a hardcoded encryption key, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere.

  • CVE-2013-3624Oct 3, 2013
    risk 0.00cvss epss 0.02

    The OS deployment feature in Baramundi Management Suite 7.5 through 8.9 stores credentials in cleartext on deployed machines, which allows remote attackers to obtain sensitive information by reading a file. NOTE: this ID was also incorrectly mapped to a separate issue in Oracle…

  • CVE-2013-3593Oct 3, 2013
    risk 0.00cvss epss 0.02

    Baramundi Management Suite 7.5 through 8.9 uses cleartext for (1) client-server communication and (2) data storage, which allows remote attackers to obtain sensitive information by sniffing the network, and allows context-dependent attackers to obtain sensitive information by…

Page 2 of 2