← Back

Idera

idera

9 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Uptime Infrastructure Monitor
uptime_infrastructure_monitor
8 CVEs
Yellowfin Business Intelligence
yellowfin_business_intelligence
1 CVE

CVEs (9)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-19587
1Idera
1Yellowfin Business Intelligence
Nov 21, 2024
Sep 14, 2022
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.
CVE-2015-9263
1Idera
1Uptime Infrastructure Monitor
Nov 21, 2024
Aug 27, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13). It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands.
CVE-2017-11471
1Idera
1Uptime Infrastructure Monitor
May 13, 2026
Jul 20, 2017
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.
CVE-2017-11470
1Idera
1Uptime Infrastructure Monitor
May 13, 2026
Jul 20, 2017
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.
CVE-2017-11469
1Idera
1Uptime Infrastructure Monitor
May 13, 2026
Jul 20, 2017
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the file_name parameter.
CVE-2015-8268
1Idera
1Uptime Infrastructure Monitor
May 6, 2026
Jun 10, 2016
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 on Linux allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2015-2896
1Idera
1Uptime Infrastructure Monitor
May 6, 2026
Dec 31, 2015
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command.
CVE-2015-2895
1Idera
1Uptime Infrastructure Monitor
May 6, 2026
Dec 31, 2015
N/A· v4
7.3 HIGH· v3
7.5 HIGH· v2
Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow remote attackers to execute arbitrary code via long command input.
CVE-2015-2894
1Idera
1Uptime Infrastructure Monitor
May 6, 2026
Dec 31, 2015
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a denial of service (application crash) via format string specifiers.