Darktrace

darktrace

4 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Enterprise Immune System

enterprise_immune_system

Threat Visualizer

threat_visualizer

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-22854 1Darktrace 1Threat Visualizer Jul 11, 2025 Feb 16, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 DOM-based HTML injection vulnerability in the main page of Darktrace Threat Visualizer version 6.1.27 (bundle version 61050) and before has been identified. A URL, crafted by a remote attacker and visited by an authentic...Show more DOM-based HTML injection vulnerability in the main page of Darktrace Threat Visualizer version 6.1.27 (bundle version 61050) and before has been identified. A URL, crafted by a remote attacker and visited by an authenticated user, allows open redirect and potential credential stealing using an injected HTML form.Show less
CVE-2023-29656 1Darktrace 1Threat Visualizer Nov 21, 2024 Jul 6, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 An improper authorization vulnerability in Darktrace mobile app (Android) prior to version 6.0.15 allows disabled and low-privilege users to control "antigena" actions(block/unblock traffic) from the mobile application....Show more An improper authorization vulnerability in Darktrace mobile app (Android) prior to version 6.0.15 allows disabled and low-privilege users to control "antigena" actions(block/unblock traffic) from the mobile application. This vulnerability could create a "shutdown", blocking all ingress or egress traffic in the entire infrastructure where darktrace agents are deployed.Show less
CVE-2019-9597 1Darktrace 1Enterprise Immune System Nov 21, 2024 Oct 23, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Darktrace Enterprise Immune System before 3.1 allows CSRF via the /config endpoint.
CVE-2019-9596 1Darktrace 1Enterprise Immune System Nov 21, 2024 Oct 23, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint.