Vulnerabilidades en vantage6
23 resultadosCVE-2024-21649HIGHRemote code execution EPSS 1.3%CVE-2023-23930MEDIUMvantage6's Pickle serialization is insecureEPSS 0.9%CVE-2022-39228MEDIUMObservable Response Discrepancy in vantage6EPSS 0.6%CVE-2023-23929HIGHRefresh tokens do not expire in Vantage6EPSS 0.6%CVE-2024-21653MEDIUMvantage6 insecure SSH configuration for node and server containersEPSS 0.5%CVE-2023-47631HIGHvantage6 Node accepts non-whitelisted algorithms from malicious serverEPSS 0.4%CVE-2023-28635MEDIUMDefining resource name as integer in vantage6 may give unintended accessEPSS 0.4%CVE-2023-41882MEDIUMvantage6 Improper Access Control vulnerabilityEPSS 0.4%CVE-2024-21671LOWvantage6 username timing attackEPSS 0.4%CVE-2025-43863LOWvantage6 lacks brute-force protection on change password functionalityEPSS 0.4%CVE-2024-24770MEDIUMUsername timing attack on recover password/MFA token in vantage6EPSS 0.4%CVE-2023-22738MEDIUMImproper Preservation of Permissions in vantage6EPSS 0.4%CVE-2024-24562MEDIUMSecurity headers not set in vantage6-UIEPSS 0.3%CVE-2024-22200LOWvantage6-UI docker image leaks software version informationEPSS 0.3%CVE-2025-43866LOWVantage6 Server JWT secret not cryptographically secureEPSS 0.3%CVE-2023-41881LOWDeleting a collaboration should also delete linked resourcesEPSS 0.3%CVE-2024-32969LOWvantage6 collaboration admins can extend their influence by expanding the collaborationEPSS 0.3%CVE-2024-23823MEDIUMCORS settings overly permissive in vantage6EPSS 0.3%CVE-2026-54445MEDIUMVantage6: Set admin user and password from environment or configurationEPSS 0.3%CVE-2026-54533MEDIUMvantage6 node has an Improper Access Control issueEPSS 0.3%