#ExploitObserverAlert
CVE-2021-38354
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-38354. The GNU-Mailman Integration WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the gm_error parameter found in the ~/includes/admin/mailing-lists-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6.
FIRST-EPSS: 0.000680000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2021-38354
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-38354. The GNU-Mailman Integration WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the gm_error parameter found in the ~/includes/admin/mailing-lists-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6.
FIRST-EPSS: 0.000680000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-47966
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2022-47966. Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections. This affects Access Manager Plus before 4308, Active Directory 360 before 4310, ADAudit Plus before 7081, ADManager Plus before 7162, ADSelfService Plus before 6211, Analytics Plus before 5150, Application Control Plus before 10.1.2220.18, Asset Explorer before 6983, Browser Security Plus before 11.1.2238.6, Device Control Plus before 10.1.2220.18, Endpoint Central before 10.1.2228.11, Endpoint Central MSP before 10.1.2228.11, Endpoint DLP before 10.1.2137.6, Key Manager Plus before 6401, OS Deployer before 1.1.2243.1, PAM 360 before 5713, Password Manager Pro before 12124, Patch Manager Plus before 10.1.2220.18, Remote Access Plus before 10.1.2228.11, Remote Monitoring and Management (RMM) before 10.1.41. ServiceDesk Plus before 14004, ServiceDesk Plus MSP before 13001, SupportCenter Plus before 11026, and Vulnerability Manager Plus before 10.1.2220.18. Exploitation is only possible if SAML SSO has ever been configured for a product (for some products, exploitation requires that SAML SSO is currently active).
FIRST-EPSS: 0.970510000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-47966
DESCRIPTION: Exploit Observer has 45 entries related to CVE-2022-47966. Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections. This affects Access Manager Plus before 4308, Active Directory 360 before 4310, ADAudit Plus before 7081, ADManager Plus before 7162, ADSelfService Plus before 6211, Analytics Plus before 5150, Application Control Plus before 10.1.2220.18, Asset Explorer before 6983, Browser Security Plus before 11.1.2238.6, Device Control Plus before 10.1.2220.18, Endpoint Central before 10.1.2228.11, Endpoint Central MSP before 10.1.2228.11, Endpoint DLP before 10.1.2137.6, Key Manager Plus before 6401, OS Deployer before 1.1.2243.1, PAM 360 before 5713, Password Manager Pro before 12124, Patch Manager Plus before 10.1.2220.18, Remote Access Plus before 10.1.2228.11, Remote Monitoring and Management (RMM) before 10.1.41. ServiceDesk Plus before 14004, ServiceDesk Plus MSP before 13001, SupportCenter Plus before 11026, and Vulnerability Manager Plus before 10.1.2220.18. Exploitation is only possible if SAML SSO has ever been configured for a product (for some products, exploitation requires that SAML SSO is currently active).
FIRST-EPSS: 0.970510000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-3482
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-3482. An improper access control issue in GitLab CE/EE affecting all versions from 11.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allowed an unauthorized user to see release names even when releases we set to be restricted to project members only
FIRST-EPSS: 0.000520000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2022-3482
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-3482. An improper access control issue in GitLab CE/EE affecting all versions from 11.3 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allowed an unauthorized user to see release names even when releases we set to be restricted to project members only
FIRST-EPSS: 0.000520000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-4236
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-4236. The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server.
FIRST-EPSS: 0.000490000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2022-4236
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-4236. The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server.
FIRST-EPSS: 0.000490000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-35349
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-35349. Microsoft Message Queuing Remote Code Execution Vulnerability
FIRST-EPSS: 0.008000000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-35349
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-35349. Microsoft Message Queuing Remote Code Execution Vulnerability
FIRST-EPSS: 0.008000000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-38334
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-38334. The WP Design Maps
CVE-2021-38334
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-38334. The WP Design Maps
#ExploitObserverAlert
CVE-2023-28771
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2023-28771. Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.
FIRST-EPSS: 0.918550000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-28771
DESCRIPTION: Exploit Observer has 17 entries related to CVE-2023-28771. Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device.
FIRST-EPSS: 0.918550000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-36844
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2023-36844. A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.
Using a crafted request an attacker is able to modify
certain PHP environment variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities.
This issue affects Juniper Networks Junos OS on EX Series:
* All versions prior to 20.4R3-S9;
* 21.1 versions 21.1R1 and later;
* 21.2 versions prior to 21.2R3-S7;
* 21.3 versions
prior to
21.3R3-S5;
* 21.4 versions
prior to
21.4R3-S5;
* 22.1 versions
prior to
22.1R3-S4;
* 22.2 versions
prior to
22.2R3-S2;
* 22.3 versions
prior to 22.3R3-S1;
* 22.4 versions
prior to
22.4R2-S2, 22.4R3;
* 23.2 versions prior to
23.2R1-S1, 23.2R2.
FIRST-EPSS: 0.025570000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-36844
DESCRIPTION: Exploit Observer has 13 entries related to CVE-2023-36844. A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.
Using a crafted request an attacker is able to modify
certain PHP environment variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities.
This issue affects Juniper Networks Junos OS on EX Series:
* All versions prior to 20.4R3-S9;
* 21.1 versions 21.1R1 and later;
* 21.2 versions prior to 21.2R3-S7;
* 21.3 versions
prior to
21.3R3-S5;
* 21.4 versions
prior to
21.4R3-S5;
* 22.1 versions
prior to
22.1R3-S4;
* 22.2 versions
prior to
22.2R3-S2;
* 22.3 versions
prior to 22.3R3-S1;
* 22.4 versions
prior to
22.4R2-S2, 22.4R3;
* 23.2 versions prior to
23.2R1-S1, 23.2R2.
FIRST-EPSS: 0.025570000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-35934
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-35934. yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later).
At the file download stage, all cookies are passed by yt-dlp to the file downloader as a `Cookie` header, thereby losing their scope. This also occurs in yt-dlp's info JSON output, which may be used by external tools. As a result, the downloader or external tool may indiscriminately send cookies with requests to domains or paths for which the cookies are not scoped.
yt-dlp version 2023.07.06 and nightly 2023.07.06.185519 fix this issue by removing the `Cookie` header upon HTTP redirects; having native downloaders calculate the `Cookie` header from the cookiejar, utilizing external downloaders' built-in support for cookies instead of passing them as header arguments, disabling HTTP redirectiong if the external downloader does not have proper cookie support, processing cookies passed as HTTP headers to limit their scope, and having a separate field for cookies in the info dict storing more information about scoping
Some workarounds are available for those who are unable to upgrade. Avoid using cookies and user authentication methods. While extractors may set custom cookies, these usually do not contain sensitive information. Alternatively, avoid using `--load-info-json`. Or, if authentication is a must: verify the integrity of download links from unknown sources in browser (including redirects) before passing them to yt-dlp; use `curl` as external downloader, since it is not impacted; and/or avoid fragmented formats such as HLS/m3u8, DASH/mpd and ISM.
FIRST-EPSS: 0.000900000
NVD-IS: 4.7
NVD-ES: 2.8
CVE-2023-35934
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-35934. yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host. This vulnerable behavior is present in yt-dlp prior to 2023.07.06 and nightly 2023.07.06.185519. All native and external downloaders are affected, except for `curl` and `httpie` (version 3.1.0 or later).
At the file download stage, all cookies are passed by yt-dlp to the file downloader as a `Cookie` header, thereby losing their scope. This also occurs in yt-dlp's info JSON output, which may be used by external tools. As a result, the downloader or external tool may indiscriminately send cookies with requests to domains or paths for which the cookies are not scoped.
yt-dlp version 2023.07.06 and nightly 2023.07.06.185519 fix this issue by removing the `Cookie` header upon HTTP redirects; having native downloaders calculate the `Cookie` header from the cookiejar, utilizing external downloaders' built-in support for cookies instead of passing them as header arguments, disabling HTTP redirectiong if the external downloader does not have proper cookie support, processing cookies passed as HTTP headers to limit their scope, and having a separate field for cookies in the info dict storing more information about scoping
Some workarounds are available for those who are unable to upgrade. Avoid using cookies and user authentication methods. While extractors may set custom cookies, these usually do not contain sensitive information. Alternatively, avoid using `--load-info-json`. Or, if authentication is a must: verify the integrity of download links from unknown sources in browser (including redirects) before passing them to yt-dlp; use `curl` as external downloader, since it is not impacted; and/or avoid fragmented formats such as HLS/m3u8, DASH/mpd and ISM.
FIRST-EPSS: 0.000900000
NVD-IS: 4.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-5487
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5487. Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)
FIRST-EPSS: 0.000520000
NVD-IS: 3.6
NVD-ES: 2.8
CVE-2023-5487
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-5487. Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)
FIRST-EPSS: 0.000520000
NVD-IS: 3.6
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-4586
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4586. A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack.
FIRST-EPSS: 0.000870000
NVD-IS: 5.2
NVD-ES: 2.2
CVE-2023-4586
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4586. A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack.
FIRST-EPSS: 0.000870000
NVD-IS: 5.2
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2020-2236
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-2236. Jenkins Yet Another Build Visualizer Plugin 1.11 and earlier does not escape tooltip content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Run/Update permission.
FIRST-EPSS: 0.000540000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2020-2236
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-2236. Jenkins Yet Another Build Visualizer Plugin 1.11 and earlier does not escape tooltip content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Run/Update permission.
FIRST-EPSS: 0.000540000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2021-22218
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-22218. All versions of GitLab CE/EE starting from 12.8 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 were affected by an issue in the handling of x509 certificates that could be used to spoof author of signed commits.
FIRST-EPSS: 0.000670000
NVD-IS: 1.4
NVD-ES: 1.2
CVE-2021-22218
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-22218. All versions of GitLab CE/EE starting from 12.8 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 were affected by an issue in the handling of x509 certificates that could be used to spoof author of signed commits.
FIRST-EPSS: 0.000670000
NVD-IS: 1.4
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2022-30190
DESCRIPTION: Exploit Observer has 308 entries related to CVE-2022-30190. Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
FIRST-EPSS: 0.971670000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-30190
DESCRIPTION: Exploit Observer has 308 entries related to CVE-2022-30190. Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
FIRST-EPSS: 0.971670000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-32707
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-32707. In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted web requests.
FIRST-EPSS: 0.745070000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-32707
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-32707. In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted web requests.
FIRST-EPSS: 0.745070000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2020-6207
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2020-6207. SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.
FIRST-EPSS: 0.974210000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-6207
DESCRIPTION: Exploit Observer has 21 entries related to CVE-2020-6207. SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.
FIRST-EPSS: 0.974210000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-1132
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2019-1132. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2019-1132
DESCRIPTION: Exploit Observer has 15 entries related to CVE-2019-1132. An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2022-21907
DESCRIPTION: Exploit Observer has 64 entries related to CVE-2022-21907. HTTP Protocol Stack Remote Code Execution Vulnerability.
FIRST-EPSS: 0.891490000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-21907
DESCRIPTION: Exploit Observer has 64 entries related to CVE-2022-21907. HTTP Protocol Stack Remote Code Execution Vulnerability.
FIRST-EPSS: 0.891490000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-39840
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-39840. Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForms that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
FIRST-EPSS: 0.365760000
NVD-IS: 6.4
NVD-ES: 8.6
CVE-2021-39840
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2021-39840. Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForms that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
FIRST-EPSS: 0.365760000
NVD-IS: 6.4
NVD-ES: 8.6
#ExploitObserverAlert
CVE-2021-4034
DESCRIPTION: Exploit Observer has 525 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
FIRST-EPSS: 0.000460000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2021-4034
DESCRIPTION: Exploit Observer has 525 entries related to CVE-2021-4034. A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
FIRST-EPSS: 0.000460000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-29383
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-29383. In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.
FIRST-EPSS: 0.000450000
NVD-IS: 1.4
NVD-ES: 1.8
CVE-2023-29383
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-29383. In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.
FIRST-EPSS: 0.000450000
NVD-IS: 1.4
NVD-ES: 1.8