Akkadianlabs - Provisioning Manager CVE - OpenCVE

Filtered by vendor Akkadianlabs Subscriptions

Filtered by product Provisioning Manager Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-31580	1 Akkadianlabs	2 Ova Appliance, Provisioning Manager	2024-08-03	8.7 High
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be bypassed by switching the OpenSSH channel from `shell` to `exec` and providing the ssh client a single execution parameter. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).
CVE-2021-31581	1 Akkadianlabs	2 Ova Appliance, Provisioning Manager	2024-08-03	7.9 High
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).
CVE-2021-31579	1 Akkadianlabs	2 Ova Appliance, Provisioning Manager	2024-08-03	8.2 High
Akkadian Provisioning Manager Engine (PME) ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).

Page 1 of 1.