Vendor
Snare
Products
2
CVEs
3
Across products
3
Status
Private
Products
2- 2 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-5247 | Hig | 0.49 | 7.5 | 0.01 | Jan 8, 2020 | Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword. | ||
| CVE-2011-5250 | Med | 0.42 | 6.5 | 0.01 | Jan 8, 2020 | Snare for Linux before 1.7.0 has CSRF in the web interface. | ||
| CVE-2011-5249 | 0.00 | — | 0.01 | May 14, 2014 | Cross-site scripting (XSS) vulnerability in the events page in the System iNtrusion Analysis and Reporting Environment (SNARE) for Linux agent before 1.7.0 allows remote attackers to inject arbitrary web script or HTML via a logged shell command. |
- risk 0.49cvss 7.5epss 0.01
Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword.
- risk 0.42cvss 6.5epss 0.01
Snare for Linux before 1.7.0 has CSRF in the web interface.
- CVE-2011-5249May 14, 2014risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the events page in the System iNtrusion Analysis and Reporting Environment (SNARE) for Linux agent before 1.7.0 allows remote attackers to inject arbitrary web script or HTML via a logged shell command.