Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
18 vulnerabilities found for computrols_building_automation_software by computrols
CVE-2019-10847 (GCVE-0-2019-10847)
Vulnerability from cvelistv5 – Published: 2019-05-24 16:33 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows Cross-Site Request Forgery.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155247/Compu… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155247/Computrols-CBAS-Web-19.0.0-Cross-Site-Request-Forgery.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows Cross-Site Request Forgery."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T17:06:40.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155247/Computrols-CBAS-Web-19.0.0-Cross-Site-Request-Forgery.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10847",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows Cross-Site Request Forgery."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"name": "http://packetstormsecurity.com/files/155247/Computrols-CBAS-Web-19.0.0-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155247/Computrols-CBAS-Web-19.0.0-Cross-Site-Request-Forgery.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10847",
"datePublished": "2019-05-24T16:33:39.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10848 (GCVE-0-2019-10848)
Vulnerability from cvelistv5 – Published: 2019-05-24 16:29 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows Username Enumeration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155266/Compu… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155266/Computrols-CBAS-Web-19.0.0-Username-Enumeration.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows Username Enumeration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T20:07:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155266/Computrols-CBAS-Web-19.0.0-Username-Enumeration.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10848",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows Username Enumeration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"name": "http://packetstormsecurity.com/files/155266/Computrols-CBAS-Web-19.0.0-Username-Enumeration.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155266/Computrols-CBAS-Web-19.0.0-Username-Enumeration.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10848",
"datePublished": "2019-05-24T16:29:08.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10849 (GCVE-0-2019-10849)
Vulnerability from cvelistv5 – Published: 2019-05-23 19:05 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155248/Compu… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155248/Computrols-CBAS-Web-19.0.0-Information-Disclosure.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T17:06:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155248/Computrols-CBAS-Web-19.0.0-Information-Disclosure.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10849",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"name": "http://packetstormsecurity.com/files/155248/Computrols-CBAS-Web-19.0.0-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155248/Computrols-CBAS-Web-19.0.0-Information-Disclosure.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10849",
"datePublished": "2019-05-23T19:05:01.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10850 (GCVE-0-2019-10850)
Vulnerability from cvelistv5 – Published: 2019-05-23 19:03 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 has Default Credentials.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 has Default Credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T19:03:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 has Default Credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10850",
"datePublished": "2019-05-23T19:03:11.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10851 (GCVE-0-2019-10851)
Vulnerability from cvelistv5 – Published: 2019-05-23 18:58 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 has hard-coded encryption keys.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 has hard-coded encryption keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T18:58:23.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 has hard-coded encryption keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10851",
"datePublished": "2019-05-23T18:58:23.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10852 (GCVE-0-2019-10852)
Vulnerability from cvelistv5 – Published: 2019-05-23 18:56 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155251/Compu… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155251/Computrols-CBAS-Web-19.0.0-Blind-SQL-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers\u0026a=start_pulling\u0026id= substring."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T18:06:40.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155251/Computrols-CBAS-Web-19.0.0-Blind-SQL-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers\u0026a=start_pulling\u0026id= substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"name": "http://packetstormsecurity.com/files/155251/Computrols-CBAS-Web-19.0.0-Blind-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155251/Computrols-CBAS-Web-19.0.0-Blind-SQL-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10852",
"datePublished": "2019-05-23T18:56:52.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10853 (GCVE-0-2019-10853)
Vulnerability from cvelistv5 – Published: 2019-05-23 18:53 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows Authentication Bypass.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows Authentication Bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T18:53:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10853",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows Authentication Bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10853",
"datePublished": "2019-05-23T18:53:14.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10854 (GCVE-0-2019-10854)
Vulnerability from cvelistv5 – Published: 2019-05-23 18:45 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows Authenticated Command Injection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows Authenticated Command Injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T18:45:13.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows Authenticated Command Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10854",
"datePublished": "2019-05-23T18:45:13.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10855 (GCVE-0-2019-10855)
Vulnerability from cvelistv5 – Published: 2019-05-23 18:43 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T18:43:28.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10855",
"datePublished": "2019-05-23T18:43:28.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10847 (GCVE-0-2019-10847)
Vulnerability from nvd – Published: 2019-05-24 16:33 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows Cross-Site Request Forgery.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155247/Compu… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155247/Computrols-CBAS-Web-19.0.0-Cross-Site-Request-Forgery.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows Cross-Site Request Forgery."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T17:06:40.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155247/Computrols-CBAS-Web-19.0.0-Cross-Site-Request-Forgery.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10847",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows Cross-Site Request Forgery."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"name": "http://packetstormsecurity.com/files/155247/Computrols-CBAS-Web-19.0.0-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155247/Computrols-CBAS-Web-19.0.0-Cross-Site-Request-Forgery.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10847",
"datePublished": "2019-05-24T16:33:39.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10848 (GCVE-0-2019-10848)
Vulnerability from nvd – Published: 2019-05-24 16:29 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows Username Enumeration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155266/Compu… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155266/Computrols-CBAS-Web-19.0.0-Username-Enumeration.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows Username Enumeration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T20:07:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155266/Computrols-CBAS-Web-19.0.0-Username-Enumeration.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10848",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows Username Enumeration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"name": "http://packetstormsecurity.com/files/155266/Computrols-CBAS-Web-19.0.0-Username-Enumeration.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155266/Computrols-CBAS-Web-19.0.0-Username-Enumeration.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10848",
"datePublished": "2019-05-24T16:29:08.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10849 (GCVE-0-2019-10849)
Vulnerability from nvd – Published: 2019-05-23 19:05 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155248/Compu… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155248/Computrols-CBAS-Web-19.0.0-Information-Disclosure.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T17:06:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155248/Computrols-CBAS-Web-19.0.0-Information-Disclosure.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10849",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"name": "http://packetstormsecurity.com/files/155248/Computrols-CBAS-Web-19.0.0-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155248/Computrols-CBAS-Web-19.0.0-Information-Disclosure.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10849",
"datePublished": "2019-05-23T19:05:01.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10850 (GCVE-0-2019-10850)
Vulnerability from nvd – Published: 2019-05-23 19:03 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 has Default Credentials.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 has Default Credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T19:03:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 has Default Credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10850",
"datePublished": "2019-05-23T19:03:11.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10851 (GCVE-0-2019-10851)
Vulnerability from nvd – Published: 2019-05-23 18:58 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 has hard-coded encryption keys.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 has hard-coded encryption keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T18:58:23.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 has hard-coded encryption keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10851",
"datePublished": "2019-05-23T18:58:23.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10852 (GCVE-0-2019-10852)
Vulnerability from nvd – Published: 2019-05-23 18:56 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155251/Compu… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155251/Computrols-CBAS-Web-19.0.0-Blind-SQL-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers\u0026a=start_pulling\u0026id= substring."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T18:06:40.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155251/Computrols-CBAS-Web-19.0.0-Blind-SQL-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers\u0026a=start_pulling\u0026id= substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
},
{
"name": "http://packetstormsecurity.com/files/155251/Computrols-CBAS-Web-19.0.0-Blind-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155251/Computrols-CBAS-Web-19.0.0-Blind-SQL-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10852",
"datePublished": "2019-05-23T18:56:52.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10853 (GCVE-0-2019-10853)
Vulnerability from nvd – Published: 2019-05-23 18:53 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows Authentication Bypass.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows Authentication Bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T18:53:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10853",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows Authentication Bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10853",
"datePublished": "2019-05-23T18:53:14.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10854 (GCVE-0-2019-10854)
Vulnerability from nvd – Published: 2019-05-23 18:45 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 allows Authenticated Command Injection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 allows Authenticated Command Injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T18:45:13.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 allows Authenticated Command Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10854",
"datePublished": "2019-05-23T18:45:13.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10855 (GCVE-0-2019-10855)
Vulnerability from nvd – Published: 2019-05-23 18:43 – Updated: 2024-08-04 22:32
VLAI
Summary
Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://applied-risk.com/labs/advisories | x_refsource_MISC |
| https://applied-risk.com/index.php/download_file/… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:02.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T18:43:28.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/labs/advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"url": "https://applied-risk.com/labs/advisories"
},
{
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"refsource": "MISC",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10855",
"datePublished": "2019-05-23T18:43:28.000Z",
"dateReserved": "2019-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:32:02.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}