Ignite Realtime Vulnerabilidad

Cronología

Escribe

Not Defined	35
Messaging Software	1

Producto

Ignite Realtime Openfire	33
Ignite Realtime Spark	1
Ignite Realtime Openfire Server	1
Ignite Realtime Smack XMPP API	1

Contramedidas

Official Fix	18
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	18

Explotabilidad

High	2
Functional	0
Proof-of-Concept	8
Unproven	0
Not Defined	26

Vector de acceso

Not Defined	0
Physical	0
Local	0
Adjacent	0
Network	36

Autenticación

Not Defined	0
High	0
Low	9
None	27

La interacción del usuario

Not Defined	0
Required	24
None	12

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	1
≤5	12
≤6	14
≤7	5
≤8	2
≤9	1
≤10	1

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	3
≤5	10
≤6	15
≤7	5
≤8	1
≤9	1
≤10	1

VulDB

≤1	0
≤2	0
≤3	0
≤4	5
≤5	20
≤6	3
≤7	3
≤8	4
≤9	0
≤10	1

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	4
≤7	14
≤8	1
≤9	1
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	1
≤10	0

Proveedor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Explotar día 0

<1k	10
<2k	22
<5k	4
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar hoy

<1k	34
<2k	2
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (4): Openfire (33), Openfire Server (1), Smack XMPP API (1), Spark (1)

Fecha de publicación	Base	Temp	Vulnerabilidad	Prod	Exp	Con	EPSS	CTI	CVE
2024-03-26	6.3	6.3	Ignite Realtime Openfire ROOM_CACHE Component Privilege Escalation	Desconocido	Not Defined	Not Defined	0.00045	0.04	CVE-2024-25421
2024-03-26	6.3	6.3	Ignite Realtime Openfire System Property escalada de privilegios	Desconocido	Not Defined	Not Defined	0.00045	0.06	CVE-2024-25420
2023-05-24	7.8	7.7	Ignite Realtime Openfire Administration Console autenticación débil	Desconocido	Not Defined	Official Fix	0.97409	0.00	CVE-2023-32315
2020-12-13	4.4	4.4	Ignite Realtime Openfire db-access.jsp cross site scripting	Desconocido	Proof-of-Concept	Not Defined	0.00090	0.00	CVE-2020-35202
2020-12-13	4.4	4.4	Ignite Realtime Openfire create-bookmark.jsp cross site scripting	Desconocido	Proof-of-Concept	Not Defined	0.00090	0.00	CVE-2020-35201
2020-12-13	4.8	4.8	Ignite Realtime Openfire spark-form.jsp cross site scripting	Desconocido	Not Defined	Not Defined	0.00101	0.04	CVE-2020-35200
2020-12-13	3.5	3.5	Ignite Realtime Openfire create-bookmark.jsp cross site scripting	Desconocido	Proof-of-Concept	Not Defined	0.00090	0.00	CVE-2020-35199
2020-12-11	4.4	4.4	Ignite Realtime Openfire Bookmark create-bookmark.jsp cross site scripting	Desconocido	Not Defined	Not Defined	0.00058	0.00	CVE-2020-35127
2020-09-02	5.7	5.7	Ignite Realtime Openfire server-properties.jsp Reflected cross site scripting	Desconocido	Not Defined	Not Defined	0.00168	0.02	CVE-2020-24604
2020-09-02	5.2	5.2	Ignite Realtime Openfire Reflected cross site scripting	Desconocido	Not Defined	Not Defined	0.00112	0.00	CVE-2020-24602

26 no se muestran más entradas

🔒 Login Required

You need to signup and login to see more of the remaining 26 results.

◂ AnteriorVisión De ConjuntoPróximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!