Vulnerabilities > USU > Oracle Optimization > 20210817

DATE CVE VULNERABILITY TITLE RISK
2022-04-29 CVE-2022-29935 Unspecified vulnerability in USU Oracle Optimization 20210817
USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an agent-installer download.
network
low complexity
usu
7.5
7.5
2022-04-29 CVE-2022-29937 OS Command Injection vulnerability in USU Oracle Optimization 20210817
USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent root access because some common OS commands are blocked but (for example) an OS command for base64 decoding is not blocked.
network
low complexity
usu CWE-78
8.8
8.8