Skip to main content

Beyondinsight

2 CVEs product

Monthly

CVE-2024-4220 MEDIUM This Month

Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Beyondinsight
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-4219 CRITICAL Act Now

Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Beyondinsight
NVD
CVSS 3.1
9.1
EPSS
0.2%
EPSS 0% CVSS 5.3
MEDIUM This Month

Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Beyondinsight
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Beyondinsight
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy