Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities found for replicated_classic by replicated
CVE-2021-43058 (GCVE-0-2021-43058)
Vulnerability from nvd – Published: 2021-11-01 21:03 – Updated: 2024-08-04 03:47
VLAI
Summary
An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site.
Severity
No CVSS data available.
CWE
- URL redirection to untrusted site (“Open Redirect”).
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.replicated.com/security/advisories/CV… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | REPLICATED CLASSIC |
Affected:
All versions prior to 2.53.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:47:13.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.replicated.com/security/advisories/CVE-2021-43058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "REPLICATED CLASSIC",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2.53.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "URL redirection to untrusted site (\u201cOpen Redirect\u201d).",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-01T21:03:18.000Z",
"orgId": "7d06583b-61c8-4499-8067-80a92a3b48e1",
"shortName": "Replicated"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.replicated.com/security/advisories/CVE-2021-43058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@replicated.com",
"ID": "CVE-2021-43058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "REPLICATED CLASSIC",
"version": {
"version_data": [
{
"version_value": "All versions prior to 2.53.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "URL redirection to untrusted site (\u201cOpen Redirect\u201d)."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.replicated.com/security/advisories/CVE-2021-43058",
"refsource": "MISC",
"url": "https://www.replicated.com/security/advisories/CVE-2021-43058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d06583b-61c8-4499-8067-80a92a3b48e1",
"assignerShortName": "Replicated",
"cveId": "CVE-2021-43058",
"datePublished": "2021-11-01T21:03:18.000Z",
"dateReserved": "2021-10-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:47:13.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10590 (GCVE-0-2020-10590)
Vulnerability from nvd – Published: 2021-07-28 11:38 – Updated: 2024-08-04 11:06
VLAI
Summary
Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://blog.replicated.com | x_refsource_MISC |
| https://gradle.com/enterprise/releases/2019.5/#changes | x_refsource_CONFIRM |
| https://www.replicated.com/security/advisories/CV… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.replicated.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gradle.com/enterprise/releases/2019.5/#changes"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.replicated.com/security/advisories/CVE-2020-10590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-28T11:38:46.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.replicated.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gradle.com/enterprise/releases/2019.5/#changes"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.replicated.com/security/advisories/CVE-2020-10590"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10590",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.replicated.com",
"refsource": "MISC",
"url": "https://blog.replicated.com"
},
{
"name": "https://gradle.com/enterprise/releases/2019.5/#changes",
"refsource": "CONFIRM",
"url": "https://gradle.com/enterprise/releases/2019.5/#changes"
},
{
"name": "https://www.replicated.com/security/advisories/CVE-2020-10590",
"refsource": "MISC",
"url": "https://www.replicated.com/security/advisories/CVE-2020-10590"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10590",
"datePublished": "2021-07-28T11:38:46.000Z",
"dateReserved": "2020-03-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:10.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43058 (GCVE-0-2021-43058)
Vulnerability from cvelistv5 – Published: 2021-11-01 21:03 – Updated: 2024-08-04 03:47
VLAI
Summary
An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site.
Severity
No CVSS data available.
CWE
- URL redirection to untrusted site (“Open Redirect”).
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.replicated.com/security/advisories/CV… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | REPLICATED CLASSIC |
Affected:
All versions prior to 2.53.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:47:13.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.replicated.com/security/advisories/CVE-2021-43058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "REPLICATED CLASSIC",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to 2.53.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "URL redirection to untrusted site (\u201cOpen Redirect\u201d).",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-01T21:03:18.000Z",
"orgId": "7d06583b-61c8-4499-8067-80a92a3b48e1",
"shortName": "Replicated"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.replicated.com/security/advisories/CVE-2021-43058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@replicated.com",
"ID": "CVE-2021-43058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "REPLICATED CLASSIC",
"version": {
"version_data": [
{
"version_value": "All versions prior to 2.53.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "URL redirection to untrusted site (\u201cOpen Redirect\u201d)."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.replicated.com/security/advisories/CVE-2021-43058",
"refsource": "MISC",
"url": "https://www.replicated.com/security/advisories/CVE-2021-43058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d06583b-61c8-4499-8067-80a92a3b48e1",
"assignerShortName": "Replicated",
"cveId": "CVE-2021-43058",
"datePublished": "2021-11-01T21:03:18.000Z",
"dateReserved": "2021-10-28T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:47:13.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10590 (GCVE-0-2020-10590)
Vulnerability from cvelistv5 – Published: 2021-07-28 11:38 – Updated: 2024-08-04 11:06
VLAI
Summary
Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://blog.replicated.com | x_refsource_MISC |
| https://gradle.com/enterprise/releases/2019.5/#changes | x_refsource_CONFIRM |
| https://www.replicated.com/security/advisories/CV… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:10.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.replicated.com"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gradle.com/enterprise/releases/2019.5/#changes"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.replicated.com/security/advisories/CVE-2020-10590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-28T11:38:46.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.replicated.com"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gradle.com/enterprise/releases/2019.5/#changes"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.replicated.com/security/advisories/CVE-2020-10590"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10590",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on the Replicated Classic server could retrieve the TLS Keypair (Cert and Key) used to configure the Admin Console."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.replicated.com",
"refsource": "MISC",
"url": "https://blog.replicated.com"
},
{
"name": "https://gradle.com/enterprise/releases/2019.5/#changes",
"refsource": "CONFIRM",
"url": "https://gradle.com/enterprise/releases/2019.5/#changes"
},
{
"name": "https://www.replicated.com/security/advisories/CVE-2020-10590",
"refsource": "MISC",
"url": "https://www.replicated.com/security/advisories/CVE-2020-10590"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10590",
"datePublished": "2021-07-28T11:38:46.000Z",
"dateReserved": "2020-03-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:06:10.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}