CVE-2018-5559
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-5559
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always encrypted-at-rest connection data could return some configurations of connection data without obscuring sensitive data from the API response sent over an encrypted channel. This issue does not affect Rapid7 Komand version 0.42.0 and later versions.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
敏感数据的不恰当跨边界移除
Source: NVD (National Vulnerability Database)
Vulnerability Title
Rapid7 Komand 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Rapid7 Komand是美国Rapid7公司的一套IT安全自动化解决方案。该产品具有任务自动化、恶意软件识别、漏洞修补和电子邮件威胁识别等功能。 Rapid7 Komand 0.41.0及之前版本中存在安全漏洞。攻击者可利用该漏洞获取敏感信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2018-5559
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-5559
请登录查看更多情报信息。
- https://www.alexanderjaeger.de/cve-2018-5559_my_first_cve/x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2018-5559
IV. Related Vulnerabilities
Same vendor: Rapid7
- CVE-2026-6863
HTTP Filestore Endpoints Misapply Permissions Across Organiz - CVE-2026-6948
Unbounded Memory Allocation in VQLResponse Result-Set Writer - CVE-2026-6482
Local Privilege Escalation via OpenSSL configuration file in - CVE-2026-6290
Velociraptor Query() Plugin Misapplies Permissions To Orgs - CVE-2026-4482
Insight Agent Private Key Information Disclosure via Inherit
Same weakness: CWE-212
- CVE-2024-43384
Phoenix Contact: Improper removal of sensitive information i - CVE-2026-43528
OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and - CVE-2026-43824
Argo CD 安全漏洞 - CVE-2026-20928
Windows Recovery Environment Security Feature Bypass Vulnera - CVE-2026-39937
Global vanishing does not completely remove user email
V. Comments for CVE-2018-5559
No comments yet