Skip to main content

Arconte Aurea

5 CVEs product

Monthly

CVE-2023-4096 HIGH This Week

Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea version 1.5.0.0, which exploitation could allow an attacker to perform a brute force attack on the emailed PIN number in order. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Arconte Aurea
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2023-4095 MEDIUM This Month

User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Arconte Aurea
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-4094 HIGH This Week

ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Arconte Aurea
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2023-4093 MEDIUM This Month

Reflected and persistent XSS vulnerability in Arconte Áurea, in its 1.5.0.0 version. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arconte Aurea
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-4092 CRITICAL Act Now

SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SQLi Arconte Aurea
NVD
CVSS 3.1
9.8
EPSS
0.6%
EPSS 0% CVSS 8.2
HIGH This Week

Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea version 1.5.0.0, which exploitation could allow an attacker to perform a brute force attack on the emailed PIN number in order. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Arconte Aurea
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Arconte Aurea
NVD
EPSS 0% CVSS 8.2
HIGH This Week

ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Arconte Aurea
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Reflected and persistent XSS vulnerability in Arconte Áurea, in its 1.5.0.0 version. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arconte Aurea
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SQLi Arconte Aurea
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy