Description

An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.

Remediation

References

CVE-2023-4503

Related Vulnerabilities

WordPress Plugin Advanced post slider Unspecified Vulnerability (2.4.0)

OpenSSL Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2010-3864)

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5344)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12647)

WordPress Plugin WP Post to PDF Enhanced Cross-Site Scripting (1.0.5)

Severity

High

Classification

CVE-2023-4503 CWE-665 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities