Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
860a7396 by Salvatore Bonaccorso at 2018-12-04T08:28:09Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15656,35 +15656,35 @@ CVE-2018-14711
CVE-2018-14710
RESERVED
CVE-2018-14709 (Incorrect access control in the Dashboard API on Drobo 5N2 NAS
version ...)
- TODO: check
+ NOT-FOR-US: Dashboard API on Drobo 5N2 NAS
CVE-2018-14708 (An insecure transport protocol used by Drobo Dashboard API on
Drobo ...)
- TODO: check
+ NOT-FOR-US: Drobo Dashboard API on Drobo 5N2 NAS
CVE-2018-14707 (Directory traversal in the Drobo Pix web application on Drobo
5N2 NAS ...)
- TODO: check
+ NOT-FOR-US: Drobo Pix web application on Drobo 5N2 NAS
CVE-2018-14706 (System command injection in the /DroboPix/api/drobopix/demo
endpoint ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14705
RESERVED
CVE-2018-14704 (Cross-site scripting in the MySQL API error page in Drobo 5N2
NAS ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14703 (Incorrect access control in the /mysql/api/droboapp/data
endpoint in ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14702 (Incorrect access control in the /drobopix/api/drobo.php
endpoint in ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14701 (System command injection in the /DroboAccess/delete_user
endpoint in ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14700 (Incorrect access control in the /mysql/api/logfile.php
endpoint in ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14699 (System command injection in the /DroboAccess/enable_user
endpoint in ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14698 (Cross-site scripting in the /DroboAccess/delete_user endpoint
in Drobo ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14697 (Cross-site scripting in the /DroboAccess/enable_user endpoint
in Drobo ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14696 (Incorrect access control in the /mysql/api/drobo.php endpoint
in Drobo ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14695 (Incorrect access control in the /mysql/api/diags.php endpoint
in Drobo ...)
- TODO: check
+ NOT-FOR-US: Drobo 5N2 NAS
CVE-2018-14694
RESERVED
CVE-2018-14693
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/860a7396682632d5e3be400f72c5744ab08528ba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/860a7396682632d5e3be400f72c5744ab08528ba
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
