Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In July 2019
CVE-2019-6642
In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to allow root shell access from within the TMOS Shell (tmsh) interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-07-01
CVE-2019-7271
Nortek Linear eMerge 50P/5000P devices have Default Credentials.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-07-01
CVE-2019-7272
Optergy Proton/Enterprise devices allow Username Disclosure.
CVSS Score
5.3
EPSS Score
0.157
Published
2019-07-01
CVE-2019-7273
Optergy Proton/Enterprise devices allow Cross-Site Request Forgery (CSRF).
CVSS Score
8.8
EPSS Score
0.009
Published
2019-07-01
CVE-2019-7274
Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root.
CVSS Score
9.8
EPSS Score
0.657
Published
2019-07-01
CVE-2019-9702
Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-07-01
CVE-2019-9703
Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-07-01
CVE-2019-10979
SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password.
CVSS Score
9.8
EPSS Score
0.016
Published
2019-07-01
CVE-2019-7276
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console.
CVSS Score
9.8
EPSS Score
0.918
Published
2019-07-01
CVE-2019-7277
Optergy Proton/Enterprise devices allow Unauthenticated Internal Network Information Disclosure.
CVSS Score
5.3
EPSS Score
0.007
Published
2019-07-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved