FAIL › dossier
DotNetNuke (DNN) vendor
3
failure events
0
zero-days
1
RCEs
3
on KEV
1
critical
95
worst shame
Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.
Failure history 6 events
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2021-11-03 | CVE-2017-9822 | critical | ⚡RCE ⌖KEV | 95 | DotNetNuke (DNN) contains a vulnerability that may allow for remote code execution via cookie deserialization. |
| 2021-11-03 | CVE-2017-9822 | critical | ⚡RCE ⌖KEV | 95 | DotNetNuke (DNN) contains a vulnerability that may allow for remote code execution via cookie deserialization. |
| 2021-11-03 | CVE-2018-15811 | high | ⌖KEV | 50 | DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. |
| 2021-11-03 | CVE-2018-15811 | high | ⌖KEV | 50 | DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. |
| 2021-11-03 | CVE-2018-18325 | high | ⌖KEV | 50 | DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811. |
| 2021-11-03 | CVE-2018-18325 | high | ⌖KEV | 50 | DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811. |