CVE-2023-51750

MEDIUM Year: 2023
CVSS v3 Score
4.6
Medium
Weakness Type
CWE-286
View all →

Vulnerability Description

ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configuration is used which utilizes modern management with website allow-listing rules."

Related Vulnerabilities

CVE-2024-6356

MEDIUM
CVSS:4.4(Medium)

An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which allowed cross project ...

CWE-2862024

CVE-2023-3115

MEDIUM
CVSS:4.3(Medium)

An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not...

CWE-2862023

CVE-2024-13041

MEDIUM
CVSS:4.2(Medium)

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. When a user is created vi...

CWE-2862024

CVE-2023-3914

MEDIUM
CVSS:5.3(Medium)

A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a n...

CWE-2862023

CVE-2024-29296

MEDIUM
CVSS:5.3(Medium)

A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user t...

CWE-2862024

CVE-2023-20253

MEDIUM
CVSS:5.5(Medium)

A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll bac...

CWE-2862023