Skip to main content

Hylafax Enterprise

2 CVEs product

Monthly

CVE-2020-15397 HIGH POC PATCH This Week

HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Hylafax Hylafax Enterprise
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-15396 HIGH POC PATCH This Week

In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Race Condition Privilege Escalation Hylafax Hylafax Enterprise Fedora +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Hylafax Hylafax Enterprise
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Race Condition Privilege Escalation Hylafax +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy