Filtered by vendor Rapid7
Subscribe
Total
82 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-6494 | 1 Rapid7 | 1 Nexpose | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Rapid7 Nexpose before 5.5.4 contains a session hijacking vulnerability which allows remote attackers to capture a user's session and gain unauthorized access. | |||||
| CVE-2024-8042 | 1 Rapid7 | 1 Insight Platform | 2024-09-17 | N/A | 3.1 LOW |
| Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of a new user group. This could potentially lead to an empty user group being added to the incorrect customer. This vulnerability is remediated as of August 14, 2024. | |||||