Xorux Stor2rrd
4 CVEs affecting Xorux Stor2rrd. Latest disclosed: 2021-11-08. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-42371 | Critical | 9.8 | 2021-11-08 | lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30. |
CVE-2020-24032 | Critical | 9.8 | 2020-08-18 | tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone. |
CVE-2021-42372 | High | 8.8 | 2021-11-08 | A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary… |
CVE-2021-42370 | High | 7.5 | 2021-11-08 | A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because cleartext information is present in HTML password input fields in… |