Eclipse Kura
5 CVEs affecting Eclipse Kura. Latest disclosed: 2024-04-09. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-7649 | Critical | 9.8 | 2017-09-11 | The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules to be configured. S… |
CVE-2024-3046 | High | 7.5 | 2024-04-09 | In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to re… |
CVE-2019-10244 | High | 7.5 | 2019-04-09 | In Eclipse Kura versions up to 4.0.0, the Web UI package and component services, the Artemis simple Mqtt component and the emulator position service (not part… |
CVE-2019-10243 | Medium | 5.3 | 2019-04-09 | In Eclipse Kura versions up to 4.0.0, Kura exposes the underlying Ui Web server version in its replies. This can be used as a hint by an attacker to specifical… |
CVE-2019-10242 | Medium | 5.3 | 2019-04-09 | In Eclipse Kura versions up to 4.0.0, the SkinServlet did not checked the path passed during servlet call, potentially allowing path traversal in get requests… |