Proxmox 漏洞列表
共找到 3 个与 Proxmox 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2022-35507: Proxmox - CRLF Injection POC
A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers because they allow injection of response headers with %0d. This is fixed in pve-http-server 4.1-3. -
CVE-2022-35507: Proxmox - CRLF Injection POC
A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers because they allow injection of response headers with %0d. This is fixed in pve-http-server 4.1-3. -
Proxmox VE 弱口令漏洞 无POC
Proxmox VE是一个企业级虚拟化平台,该平台集成了基于内核的虚拟机管理程序(KVM)和基于Linux容器(LXC)这两种虚拟化技术,同时还集成了软件定义存储和虚拟网络功能。借助Web的管理界面工具,可以轻松地管理和配置虚拟机、容器、高可用性集群、软件定义存储、虚拟网络以及备份等。 当系统存在弱口令漏洞时,攻击者可通过该口令获取该平台的系统权限,从而控制其中虚拟化的设备。