Hawt Hawtio
3 CVEs affecting Hawt Hawtio. Latest disclosed: 2017-12-29. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2014-0121 | Critical | 9.8 | 2017-12-29 | The admin terminal in Hawt.io does not require authentication, which allows remote attackers to execute arbitrary commands via the k parameter. |
CVE-2014-0120 | High | 8.8 | 2017-12-29 | Cross-site request forgery (CSRF) vulnerability in the admin terminal in Hawt.io allows remote attackers to hijack the authentication of arbitrary users for re… |
CVE-2017-7556 | High | 8.8 | 2017-08-17 | Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulnerability allowing remote attackers to trick the user to visit their website containing a… |