CPE-75826B62-A037-4327-BB47-DFCDEA68CEAE Détail

CPE Details

Wowza Streaming Engine 4.8.5

Vendor

wowza

Product

streaming_engine

Version

4.8.5

Created

2020-08-05
18h04 +00:00

Modifié

2020-08-05
18h04 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:wowza:streaming_engine:4.8.5:::::::*

Informations

Vendor

wowza

Product

streaming_engine

Version

4.8.5

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2024-52052	2024-11-21 22h20 +00:00	Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager administrator to define a custom application property and poison a stream target for high-privilege remote code execution.	9.4	Critique
CVE-2021-35492	2021-10-05 13h12 +00:00	Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter. This is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability through the Virtual Host Monitoring section by requesting random virtual-host historical data and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. (Manual intervention is required to free filesystem resources and return the application to an operational state.)	6.5	Moyen
CVE-2021-35491	2021-10-05 13h10 +00:00	A Cross-Site Request Forgery (CSRF) vulnerability in Wowza Streaming Engine through 4.8.11+5 allows a remote attacker to delete a user account via the /enginemanager/server/user/delete.htm userName parameter. The application does not implement a CSRF token for the GET request. This issue was resolved in Wowza Streaming Engine release 4.8.14.	8.1	Haute
CVE-2021-31539	2021-04-23 14h11 +00:00	Wowza Streaming Engine before 4.8.8.01 (in a default installation) has cleartext passwords stored in the conf/admin.password file. A regular local user is able to read usernames and passwords.	5.5	Moyen
CVE-2021-31540	2021-04-23 14h10 +00:00	Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory. A regular local user is able to read and write to all the configuration files, e.g., modify the application server configuration.	7.1	Haute

Wowza Streaming Engine 4.8.5

CPE Details

CPE Name: cpe:2.3:a:wowza:streaming_engine:4.8.5:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:wowza:streaming_engine:4.8.5:::::::*