Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities by netdisco
CVE-2023-37624 (GCVE-0-2023-37624)
Vulnerability from nvd – Published: 2023-07-26 00:00 – Updated: 2024-10-23 15:44
VLAI
EPSS
VEX
Summary
Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.
Severity
No CVSS data available.
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:16:30.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/benjaminpsinclair/Netdisco-CVE"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netdisco/netdisco/commit/a2da6a7a046c1c0fd41072dd6991eec7614293f8"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37624",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T15:44:11.897719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T15:44:19.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-26T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/benjaminpsinclair/Netdisco-CVE"
},
{
"url": "https://github.com/netdisco/netdisco/commit/a2da6a7a046c1c0fd41072dd6991eec7614293f8"
},
{
"url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-37624",
"datePublished": "2023-07-26T00:00:00.000Z",
"dateReserved": "2023-07-10T00:00:00.000Z",
"dateUpdated": "2024-10-23T15:44:19.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37623 (GCVE-0-2023-37623)
Vulnerability from nvd – Published: 2023-07-26 00:00 – Updated: 2024-10-23 15:44
VLAI
EPSS
VEX
Summary
Netdisco before v2.063000 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Web/TypeAhead.pm.
Severity
No CVSS data available.
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:16:30.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/benjaminpsinclair/Netdisco-CVE"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netdisco/netdisco/commit/9f4401f2fb00c84210cd551b97c8ad60e78c71e0"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netdisco/netdisco/commit/39562e0633a2472d50f7f33e69c36da4ad1fbfa3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37623",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T15:44:45.592409Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T15:44:55.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netdisco before v2.063000 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Web/TypeAhead.pm."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-26T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/benjaminpsinclair/Netdisco-CVE"
},
{
"url": "https://github.com/netdisco/netdisco/commit/9f4401f2fb00c84210cd551b97c8ad60e78c71e0"
},
{
"url": "https://github.com/netdisco/netdisco/commit/39562e0633a2472d50f7f33e69c36da4ad1fbfa3"
},
{
"url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-37623",
"datePublished": "2023-07-26T00:00:00.000Z",
"dateReserved": "2023-07-10T00:00:00.000Z",
"dateUpdated": "2024-10-23T15:44:55.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15810 (GCVE-0-2019-15810)
Vulnerability from nvd – Published: 2019-09-30 16:03 – Updated: 2024-08-05 00:56
VLAI
EPSS
VEX
Summary
Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/netdisco/netdisco/commits/master | x_refsource_MISC |
| https://github.com/netdisco/netdisco/commit/deb9b… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:22.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/netdisco/netdisco/commits/master"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/netdisco/netdisco/commit/deb9b62c7f839f5e41aa4d620bcdac5f9321a8a3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-30T16:03:06.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netdisco/netdisco/commits/master"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netdisco/netdisco/commit/deb9b62c7f839f5e41aa4d620bcdac5f9321a8a3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/netdisco/netdisco/commits/master",
"refsource": "MISC",
"url": "https://github.com/netdisco/netdisco/commits/master"
},
{
"name": "https://github.com/netdisco/netdisco/commit/deb9b62c7f839f5e41aa4d620bcdac5f9321a8a3",
"refsource": "MISC",
"url": "https://github.com/netdisco/netdisco/commit/deb9b62c7f839f5e41aa4d620bcdac5f9321a8a3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-15810",
"datePublished": "2019-09-30T16:03:06.000Z",
"dateReserved": "2019-08-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:56:22.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37623 (GCVE-0-2023-37623)
Vulnerability from cvelistv5 – Published: 2023-07-26 00:00 – Updated: 2024-10-23 15:44
VLAI
EPSS
VEX
Summary
Netdisco before v2.063000 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Web/TypeAhead.pm.
Severity
No CVSS data available.
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:16:30.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/benjaminpsinclair/Netdisco-CVE"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netdisco/netdisco/commit/9f4401f2fb00c84210cd551b97c8ad60e78c71e0"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netdisco/netdisco/commit/39562e0633a2472d50f7f33e69c36da4ad1fbfa3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37623",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T15:44:45.592409Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T15:44:55.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netdisco before v2.063000 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Web/TypeAhead.pm."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-26T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/benjaminpsinclair/Netdisco-CVE"
},
{
"url": "https://github.com/netdisco/netdisco/commit/9f4401f2fb00c84210cd551b97c8ad60e78c71e0"
},
{
"url": "https://github.com/netdisco/netdisco/commit/39562e0633a2472d50f7f33e69c36da4ad1fbfa3"
},
{
"url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-37623",
"datePublished": "2023-07-26T00:00:00.000Z",
"dateReserved": "2023-07-10T00:00:00.000Z",
"dateUpdated": "2024-10-23T15:44:55.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37624 (GCVE-0-2023-37624)
Vulnerability from cvelistv5 – Published: 2023-07-26 00:00 – Updated: 2024-10-23 15:44
VLAI
EPSS
VEX
Summary
Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.
Severity
No CVSS data available.
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:16:30.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/benjaminpsinclair/Netdisco-CVE"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netdisco/netdisco/commit/a2da6a7a046c1c0fd41072dd6991eec7614293f8"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37624",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T15:44:11.897719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T15:44:19.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-26T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/benjaminpsinclair/Netdisco-CVE"
},
{
"url": "https://github.com/netdisco/netdisco/commit/a2da6a7a046c1c0fd41072dd6991eec7614293f8"
},
{
"url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-37624",
"datePublished": "2023-07-26T00:00:00.000Z",
"dateReserved": "2023-07-10T00:00:00.000Z",
"dateUpdated": "2024-10-23T15:44:19.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15810 (GCVE-0-2019-15810)
Vulnerability from cvelistv5 – Published: 2019-09-30 16:03 – Updated: 2024-08-05 00:56
VLAI
EPSS
VEX
Summary
Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/netdisco/netdisco/commits/master | x_refsource_MISC |
| https://github.com/netdisco/netdisco/commit/deb9b… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:22.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/netdisco/netdisco/commits/master"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/netdisco/netdisco/commit/deb9b62c7f839f5e41aa4d620bcdac5f9321a8a3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-30T16:03:06.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netdisco/netdisco/commits/master"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netdisco/netdisco/commit/deb9b62c7f839f5e41aa4d620bcdac5f9321a8a3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/netdisco/netdisco/commits/master",
"refsource": "MISC",
"url": "https://github.com/netdisco/netdisco/commits/master"
},
{
"name": "https://github.com/netdisco/netdisco/commit/deb9b62c7f839f5e41aa4d620bcdac5f9321a8a3",
"refsource": "MISC",
"url": "https://github.com/netdisco/netdisco/commit/deb9b62c7f839f5e41aa4d620bcdac5f9321a8a3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-15810",
"datePublished": "2019-09-30T16:03:06.000Z",
"dateReserved": "2019-08-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:56:22.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}