Vulnerabilities > Rapid7

DATE CVE VULNERABILITY TITLE RISK
2023-04-26 CVE-2023-2273 Path Traversal vulnerability in Rapid7 Insight Agent
Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path.
network
low complexity
rapid7 CWE-22
7.5
2023-04-21 CVE-2023-2226 Out-of-bounds Read vulnerability in Rapid7 Velociraptor
Due to insufficient validation in the PE and OLE parsers in Rapid7's Velociraptor versions earlier than 0.6.8 allows attacker to crash Velociraptor during parsing of maliciously malformed files.  For this attack to succeed, the attacker needs to be able to introduce malicious files to the system at the same time that Velociraptor attempts to collect any artifacts that attempt to parse PE files, Authenticode signatures, or OLE files.
network
low complexity
rapid7 CWE-125
5.3
2023-03-20 CVE-2023-0681 Open Redirect vulnerability in Rapid7 Insightvm
Rapid7 InsightVM versions 6.6.178 and lower suffers from an open redirect vulnerability, whereby an attacker has the ability to redirect the user to a site of the attacker’s choice using the ‘page’ parameter of the ‘data/console/redirect’ component of the application.
network
low complexity
rapid7 CWE-601
6.1
2023-02-01 CVE-2023-0599 Cross-site Scripting vulnerability in Rapid7 Metasploit
Rapid7 Metasploit Pro versions 4.21.2 and lower suffer from a stored cross site scripting vulnerability, due to a lack of JavaScript request string sanitization.
network
low complexity
rapid7 CWE-79
4.8
2023-02-01 CVE-2022-3913 Improper Certificate Validation vulnerability in Rapid7 Nexpose
Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of the update server when downloading updates.
network
high complexity
rapid7 CWE-295
5.3
2023-01-18 CVE-2023-0290 Path Traversal vulnerability in Rapid7 Velociraptor
Rapid7 Velociraptor did not properly sanitize the client ID parameter to the CreateCollection API, allowing a directory traversal in where the collection task could be written.
network
low complexity
rapid7 CWE-22
4.3
2023-01-18 CVE-2023-0242 Missing Authorization vulnerability in Rapid7 Velociraptor
Rapid7 Velociraptor allows users to be created with different privileges on the server.
network
low complexity
rapid7 CWE-862
8.8
2023-01-12 CVE-2017-5242 Use of Insufficiently Random Values vulnerability in Rapid7 Insightvm
Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017 contain identical SSH host keys.
network
high complexity
rapid7 CWE-330
7.7
2022-12-08 CVE-2022-4261 Download of Code Without Integrity Check vulnerability in Rapid7 Insightvm
Rapid7 Nexpose and InsightVM versions prior to 6.6.172 failed to reliably validate the authenticity of update contents.
network
low complexity
rapid7 CWE-494
6.5
2022-03-17 CVE-2022-0237 Unquoted Search Path or Element vulnerability in Rapid7 Insight Agent
Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the ir_agent.exe component, resulting in elevated rights and persistent access to the machine.
local
low complexity
rapid7 CWE-428
7.2