Skip to main content

Code42

5 CVEs product

Monthly

CVE-2020-12736 HIGH This Week

Code42 environments with on-premises server versions 7.0.4 and earlier allow for possible remote code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code42
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2019-16861 HIGH This Week

Code42 server through 7.0.2 for Windows has an Untrusted Search Path. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Code42
NVD
CVSS 3.1
7.3
EPSS
0.4%
CVE-2019-16860 HIGH This Week

Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Code42
NVD
CVSS 3.1
7.3
EPSS
0.4%
CVE-2019-15131 CRITICAL Act Now

In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload RCE Code42
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-11553 HIGH This Week

In Code42 for Enterprise through 6.8.4, an administrator without web restore permission but with the ability to manage users in an organization can impersonate a user with web restore permission. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Code42
NVD
CVSS 3.0
8.8
EPSS
1.0%
EPSS 2% CVSS 7.2
HIGH This Week

Code42 environments with on-premises server versions 7.0.4 and earlier allow for possible remote code execution. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code42
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Code42 server through 7.0.2 for Windows has an Untrusted Search Path. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Code42
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Code42
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload RCE Code42
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In Code42 for Enterprise through 6.8.4, an administrator without web restore permission but with the ability to manage users in an organization can impersonate a user with web restore permission. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Code42
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy