Vulnerabilities > Eclipse > Kura > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-09 | CVE-2024-3046 | Unspecified vulnerability in Eclipse Kura In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. | 7.5 |
| 2019-04-09 | CVE-2019-10244 | XXE vulnerability in Eclipse Kura In Eclipse Kura versions up to 4.0.0, the Web UI package and component services, the Artemis simple Mqtt component and the emulator position service (not part of the device distribution) could potentially be target of XXE attack due to an improper factory and parser initialisation. | 7.5 |