Vulnerabilities > Fiware

| Date | CVE | Vulnerability title | Description | Attack vector | Attack complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2024-08-12 | CVE-2024-42163 | Inadequate Encryption Strength vulnerability in Fiware Keyrock | Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to take over the account of any user by predicting the token for the password reset link. | network | low complexity | fiware | CWE-326 | 8.1 |
| 2024-08-12 | CVE-2024-42164 | Use of Insufficiently Random Values vulnerability in Fiware Keyrock | Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa link. | network | low complexity | fiware | CWE-330 | 4.3 |
| 2024-08-12 | CVE-2024-42165 | Use of Insufficiently Random Values vulnerability in Fiware Keyrock | Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link. | network | low complexity | fiware | CWE-330 | 5.4 |
| 2024-08-12 | CVE-2024-42166 | OS Command Injection vulnerability in Fiware Keyrock | The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. | network | low complexity | fiware | CWE-78 | 7.2 |
| 2024-08-12 | CVE-2024-42167 | OS Command Injection vulnerability in Fiware Keyrock | The function "generate_app_certificates" in controllers/saml2/saml2.js of FIWARE Keyrock <= 8.4 does not neutralize special elements used in an OS Command properly. | network | low complexity | fiware | CWE-78 | 7.2 |