OpenVAS Manager 3.0-beta2

CPE Details

OpenVAS Manager 3.0-beta2
openvas
openvas_manager
3.0
2012-11-26
18h30 +00:00
2012-12-18
20h31 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openvas:openvas_manager:3.0:beta2:*:*:*:*:*:*

Informations

Vendor

openvas

Product

openvas_manager

Version

3.0

Update

beta2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2014-9220 2014-12-03 00h00 +00:00 SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command.
7.5
CVE-2013-6765 2014-05-19 12h00 +00:00 OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote attackers to bypass the OMP authentication restrictions and execute OMP commands via a crafted OMP request for version information, which causes the state to be set to CLIENT_AUTHENTIC, as demonstrated by the omp_xml_handle_end_element function in omp.c.
7.5
CVE-2012-5520 2012-11-26 10h00 +00:00 The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x before 3.0.4 allows remote attackers to execute arbitrary commands via the (1) IP address or (2) port number field in an OMP request.
7.5
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.