本ページは skyboxsecurity skybox_manager_client_application に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2017-14773 | Skybox Manager Client Application prior to 8.5.501 is prone to an elevation of privileges vulnerability during authentication of a valid user in a debugger-pause state. The vulnerability can only be exploited by a local authenticated attacker. | [email protected] | 7.8 | 0.37% | 2017-10-03 | 2026-05-13 |
| CVE-2017-14772 | Skybox Manager Client Application is prone to information disclosure via a username enumeration attack. A local unauthenticated attacker could exploit the flaw to obtain valid usernames, by analyzing error messages upon valid and invalid account login attempts. | [email protected] | 3.3 | 0.26% | 2017-10-03 | 2026-05-13 |
| CVE-2017-14771 | Skybox Manager Client Application prior to 8.5.501 is prone to an arbitrary file upload vulnerability due to insufficient input validation of user-supplied files path when uploading files via the application. During a debugger-pause state, a local authenticated attacker can upload an arbitrary file and overwrite existing files within the scope of the affected application. | [email protected] | 5.5 | 0.29% | 2017-10-03 | 2026-05-13 |
| CVE-2017-14770 | Skybox Manager Client Application prior to 8.5.501 is prone to an information disclosure vulnerability of user password hashes. A local authenticated attacker can access the password hashes in a debugger-pause state during the authentication process. | [email protected] | 5.5 | 0.34% | 2017-10-03 | 2026-05-13 |