Skip to main content

Exacqvision Web Service

8 CVEs product

Monthly

CVE-2024-32931 MEDIUM This Month

Under certain circumstances the exacqVision Web Service can expose authentication token details within communications. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Exacqvision Web Service
NVD
CVSS 3.1
5.7
EPSS
0.4%
CVE-2024-32862 HIGH This Week

Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cors Misconfiguration Exacqvision Web Service
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-32864 HIGH This Week

Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Exacqvision Web Service
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2024-32863 HIGH This Week

Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Exacqvision Web Service
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2021-27664 CRITICAL Act Now

Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Exacqvision Web Service
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-27659 MEDIUM This Month

exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Exacqvision Web Service
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2021-27656 HIGH PATCH This Week

A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated attacker to view system-level information about the exacqVision Web Service and the operating system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Exacqvision Web Service
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-9047 HIGH POC This Week

A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jwt Attack Command Injection Exacqvision Enterprise Manager Exacqvision Web Service
NVD
CVSS 3.1
7.2
EPSS
7.8%
EPSS 0% CVSS 5.7
MEDIUM This Month

Under certain circumstances the exacqVision Web Service can expose authentication token details within communications. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Exacqvision Web Service
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cors Misconfiguration Exacqvision Web Service
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Exacqvision Web Service
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Exacqvision Web Service
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Under certain configurations an unauthenticated remote user could be given access to credentials stored in the exacqVision Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Exacqvision Web Service
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

exacqVision Web Service 21.03 does not sufficiently validate, filter, escape, and/or encode user-controllable input before it is placed in output that is used as a web page that is served to other. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Exacqvision Web Service
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated attacker to view system-level information about the exacqVision Web Service and the operating system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Exacqvision Web Service
NVD
EPSS 8% CVSS 7.2
HIGH POC This Week

A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jwt Attack Command Injection Exacqvision Enterprise Manager +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy