Dell Crowbar vulnerabilities
2 known vulnerabilities affecting dell/crowbar.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2012-3551P4MEDIUMCVSS 4.3PoC≤ 1.42012-09-05
CVE-2012-3551 [MEDIUM] CWE-79 CVE-2012-3551: Cross-site scripting (XSS) vulnerability in crowbar_framework/app/views/support/index.html.haml in t
Cross-site scripting (XSS) vulnerability in crowbar_framework/app/views/support/index.html.haml in the Crowbar barclamp in Crowbar, possibly 1.4 and earlier, allows remote attackers to inject arbitrary web script or HTML via the file parameter to /utils.
nvd
CVE-2012-3537P4MEDIUMCVSS 4.6≤ 1.42012-09-05
CVE-2012-3537 [MEDIUM] CWE-264 CVE-2012-3537: The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barcl
The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.
nvd