Aggregates CVE and security vulnerability intelligence across all baramundi-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk denial of service and related problems; some flaws may lead to vendor impact application crash, affecting vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-37605 | Weak Exception Handling vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an attacker to cause a denial of service via a crafted request to the password parameter. | [email protected] | 5.5 | 0.07% | 2023-10-02 | 2024-11-21 |
| CVE-2022-43747 | baramundi Management Agent (bMA) in baramundi Management Suite (bMS) 2021 R1 and R2 and 2022 R1 allows remote code execution. This is fixed in security update S-2022-01, which contains fixed bMA setup files for these versions. This also is fixed in baramundi Management Suite 2022 R2. | [email protected] | 7.5 | 1.47% | 2022-10-26 | 2024-11-21 |
| CVE-2013-3625 | An unspecified DLL file in Baramundi Management Suite 7.5 through 8.9 uses a hardcoded encryption key, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere. | [email protected] | 7.8 | 0.21% | 2013-10-03 | 2026-04-29 |
| CVE-2013-3624 | The OS deployment feature in Baramundi Management Suite 7.5 through 8.9 stores credentials in cleartext on deployed machines, which allows remote attackers to obtain sensitive information by reading a file. NOTE: this ID was also incorrectly mapped to a separate issue in Oracle Outside In, but the correct ID for that issue is CVE-2013-5763. | [email protected] | 7.8 | 0.38% | 2013-10-03 | 2026-04-29 |
| CVE-2013-3593 | Baramundi Management Suite 7.5 through 8.9 uses cleartext for (1) client-server communication and (2) data storage, which allows remote attackers to obtain sensitive information by sniffing the network, and allows context-dependent attackers to obtain sensitive information by reading a file. | [email protected] | 7.8 | 0.38% | 2013-10-03 | 2026-04-29 |