Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-4016: Insight Agent Release Notes

Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control vulnerability whereby, the user has access to the snapshot directory. An attacker can access, read and copy any of the files in this directory e.g. asset_info.json or file_info.json, leading to a loss of confidentiality. This issue was fixed in Rapid7 Insight Agent 3.1.3.

CVE
Open in Source
#vulnerability#web#js#intel

  • Products

    • Insight Platform Solutions

    • Threat Intelligence

      THREAT COMMAND

    • Vulnerability Management

      INSIGHTVM

    • Dynamic Application Security Testing

      INSIGHTAPPSEC

    • Orchestration & Automation (SOAR)

      INSIGHTCONNECT

    • Cloud Security

      INSIGHTCLOUDSEC

*   More Solutions
*   Penetration Testing
    
    METASPLOIT
    
*   On-Prem Vulnerability Management
    
    NEXPOSE
    
*   Application Monitoring & Protection
    
    TCELL

  • Services

    • MANAGED SERVICES

    • Detection and Response

      24/7 MONITORING & REMEDIATION FROM MDR EXPERTS

    • Vulnerability Management

      PERFECTLY OPTIMIZED RISK ASSESSMENT

    • Application Security

      SCAN MANAGEMENT & VULNERABILITY VALIDATION

*   OTHER SERVICES
*   Security Advisory Services
    
    PLAN, BUILD, & PRIORITIZE SECURITY INITIATIVES
    
*   Product Consulting
    
    QUICK-START & CONFIGURATION
    
*   Training & Certification
    
    SKILLS & ADVANCEMENT
    
*   Penetration Services
    
    TEST YOUR DEFENSES IN REAL-TIME
    
*   IoT Security Testing
    
    SECURE EVERYTHING CONNECTED TO A CONNECTED WORLD
    
*   Premium Support
    
    PRIORITY HELP & FASTER SOLUTIONS

  • Support & Resources

    • SUPPORT

    • Support Portal

      CONTACT CUSTOMER SUPPORT

    • Product Documentation

      EXPLORE PRODUCT GUIDES

    • Release Notes

      DISCOVER THE LATEST PRODUCT UPDATES

    • RESOURCES

    • Fundamentals

      FOUNDATIONAL SECURITY KNOWLEDGE

    • Blog

      THE LATEST INDUSTRY NEWS AND SECURITY EXPERTISE

    • Resources Library

      E-BOOKS, WHITE PAPERS, VIDEOS & BRIEFS

    • Extensions Library

      PLUGINS, INTEGRATIONS & DEVELOPER COMMUNITY

    • Partners

      RAPID7 PARTNER ECOSYSTEM

    • Webcasts & Events

      UPCOMING OPPORTUNITIES TO CONNECT WITH US

    • Vulnerability & Exploit Database

      SEARCH THE LATEST SECURITY RESEARCH

  • Company

    • OVERVIEW

    • Leadership

      EXECUTIVE TEAM & BOARD

    • News & Press Releases

      THE LATEST FROM OUR NEWSROOM

    • COMMUNITY & CULTURE

    • Social Good

      OUR COMMITMENT & APPROACH

    • Rapid7 Cybersecurity Foundation

      BUILDING THE FUTURE

    • Diversity, Equity & Inclusion

      EMPOWERING PEOPLE

    • Open Source

      STRENGTHENING CYBERSECURITY

    • Public Policy

      ENGAGEMENT & ADVOCACY

  • Research

  • Sign In

  • All Products

    • AppSpider
    • Insight Agent
    • InsightAppSec
    • InsightCloudSec
    • InsightConnect
    • Insight Platform
    • InsightIDR
    • Insight Network Sensor
    • InsightOps
    • InsightVM
    • Metasploit
    • Nexpose
    • tCell
    • Managed Services

  • Products

    • Insight Platform Solutions

    • Threat Intelligence

      THREAT COMMAND

    • Vulnerability Management

      INSIGHTVM

    • Dynamic Application Security Testing

      INSIGHTAPPSEC

    • Orchestration & Automation (SOAR)

      INSIGHTCONNECT

    • Cloud Security

      INSIGHTCLOUDSEC

*   More Solutions
*   Penetration Testing
    
    METASPLOIT
    
*   On-Prem Vulnerability Management
    
    NEXPOSE
    
*   Application Monitoring & Protection
    
    TCELL

  • Services

    • MANAGED SERVICES

    • Detection and Response

      24/7 MONITORING & REMEDIATION FROM MDR EXPERTS

    • Vulnerability Management

      PERFECTLY OPTIMIZED RISK ASSESSMENT

    • Application Security

      SCAN MANAGEMENT & VULNERABILITY VALIDATION

*   OTHER SERVICES
*   Security Advisory Services
    
    PLAN, BUILD, & PRIORITIZE SECURITY INITIATIVES
    
*   Product Consulting
    
    QUICK-START & CONFIGURATION
    
*   Training & Certification
    
    SKILLS & ADVANCEMENT
    
*   Penetration Services
    
    TEST YOUR DEFENSES IN REAL-TIME
    
*   IoT Security Testing
    
    SECURE EVERYTHING CONNECTED TO A CONNECTED WORLD
    
*   Premium Support
    
    PRIORITY HELP & FASTER SOLUTIONS

  • Support & Resources

    • SUPPORT

    • Support Portal

      CONTACT CUSTOMER SUPPORT

    • Product Documentation

      EXPLORE PRODUCT GUIDES

    • Release Notes

      DISCOVER THE LATEST PRODUCT UPDATES

    • RESOURCES

    • Fundamentals

      FOUNDATIONAL SECURITY KNOWLEDGE

    • Blog

      THE LATEST INDUSTRY NEWS AND SECURITY EXPERTISE

    • Resources Library

      E-BOOKS, WHITE PAPERS, VIDEOS & BRIEFS

    • Extensions Library

      PLUGINS, INTEGRATIONS & DEVELOPER COMMUNITY

    • Partners

      RAPID7 PARTNER ECOSYSTEM

    • Webcasts & Events

      UPCOMING OPPORTUNITIES TO CONNECT WITH US

    • Vulnerability & Exploit Database

      SEARCH THE LATEST SECURITY RESEARCH

  • Company

    • OVERVIEW

    • Leadership

      EXECUTIVE TEAM & BOARD

    • News & Press Releases

      THE LATEST FROM OUR NEWSROOM

    • COMMUNITY & CULTURE

    • Social Good

      OUR COMMITMENT & APPROACH

    • Rapid7 Cybersecurity Foundation

      BUILDING THE FUTURE

    • Diversity, Equity & Inclusion

      EMPOWERING PEOPLE

    • Open Source

      STRENGTHENING CYBERSECURITY

    • Public Policy

      ENGAGEMENT & ADVOCACY

  • Research

  • Sign In

  • Documentation

  • All Products

    • AppSpider

    • Insight Agent

    • InsightAppSec

    • InsightCloudSec

    • InsightConnect

    • Insight Platform

    • InsightIDR

    • Insight Network Sensor

    • InsightOps

    • InsightVM

    • Metasploit

    • Nexpose

    • tCell

    • Managed Services

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE