← Back

Amp

amp

Vendor: Cubecoders • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-34539
1Cubecoders
1Amp
Nov 21, 2024
Jun 10, 2021
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code ex...Show more
An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution.Show less
CVE-2021-31926
1Cubecoders
1Amp
Nov 21, 2024
Apr 30, 2021
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
AMP Application Deployment Service in CubeCoders AMP 2.1.x before 2.1.1.2 allows a remote, authenticated user to open ports in the local system firewall by crafting an HTTP(S) request directly to the applicable API endpo...Show more
AMP Application Deployment Service in CubeCoders AMP 2.1.x before 2.1.1.2 allows a remote, authenticated user to open ports in the local system firewall by crafting an HTTP(S) request directly to the applicable API endpoint (despite not having permission to make changes to the system's network configuration).Show less