Vulnerabilities > Tufin

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-09	CVE-2020-13462	Authorization Bypass Through User-Controlled Key vulnerability in Tufin Securetrack 18.1 Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange, affecting all versions prior to R20-2 GA. low complexity tufin CWE-639	5.7
2021-02-09	CVE-2020-13461	Unspecified vulnerability in Tufin Securetrack Username enumeration in present in Tufin SecureTrack. low complexity tufin	4.3
2021-02-09	CVE-2020-13460	Cross-Site Request Forgery (CSRF) vulnerability in Tufin Securetrack 18.1 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities were present in Tufin SecureTrack, affecting all versions prior to R20-2 GA. network low complexity tufin CWE-352	8.8
2021-02-09	CVE-2020-13409	Cross-site Scripting vulnerability in Tufin Securetrack 18.1 Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). low complexity tufin CWE-79	5.9
2021-02-09	CVE-2020-13408	Cross-site Scripting vulnerability in Tufin Securetrack 18.1 Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). low complexity tufin CWE-79	5.9
2021-02-09	CVE-2020-13407	Cross-site Scripting vulnerability in Tufin Securetrack 18.1 Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). low complexity tufin CWE-79	5.9
2021-01-20	CVE-2020-13134	Cross-site Scripting vulnerability in Tufin Securechange Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. network low complexity tufin CWE-79	4.8
2021-01-20	CVE-2020-13133	Cross-site Scripting vulnerability in Tufin Securechange Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to stored XSS. network low complexity tufin CWE-79	6.1
2019-06-19	CVE-2018-18406	XXE vulnerability in Tufin Securetrack 18.1 An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). network low complexity tufin CWE-611 critical	9.9

Vulnerabilities > Tufin {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Tufin"}]}

Vulnerabilities > Tufin