Skip to main content

Igss Data Server

8 CVEs product

Monthly

CVE-2023-27983 MEDIUM PATCH This Month

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of reports from the IGSS project report directory, this would. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Custom Reports Igss Dashboard Igss Data Server
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-27979 MEDIUM PATCH This Month

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in the IGSS project report directory, this could lead to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Custom Reports Igss Dashboard Igss Data Server
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-27977 MEDIUM PATCH This Month

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Custom Reports Igss Dashboard Igss Data Server
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-27984 HIGH PATCH This Week

A CWE-20: Improper Input Validation vulnerability exists in Custom Reports that could cause a macro to be executed, potentially leading to remote code execution when a user opens a malicious report. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Custom Reports Igss Dashboard Igss Data Server
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-27981 HIGH PATCH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Custom Reports that could cause a remote code execution when a victim tries to open a malicious report. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal Custom Reports Igss Dashboard Igss Data Server
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-27978 HIGH PATCH This Week

A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Deserialization Custom Reports Igss Dashboard Igss Data Server
NVD
CVSS 3.1
7.8
EPSS
6.5%
CVE-2023-27982 HIGH PATCH This Week

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of dashboard files in the IGSS project report directory, when an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Custom Reports Igss Dashboard Igss Data Server
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-27980 HIGH PATCH This Week

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation of a malicious report file in the IGSS project report. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Authentication Bypass Custom Reports Igss Dashboard Igss Data Server
NVD
CVSS 3.1
8.8
EPSS
0.9%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of reports from the IGSS project report directory, this would. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Custom Reports Igss Dashboard +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in the IGSS project report directory, this could lead to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Custom Reports Igss Dashboard +1
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Custom Reports Igss Dashboard +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A CWE-20: Improper Input Validation vulnerability exists in Custom Reports that could cause a macro to be executed, potentially leading to remote code execution when a user opens a malicious report. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Custom Reports Igss Dashboard +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Custom Reports that could cause a remote code execution when a victim tries to open a malicious report. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal Custom Reports +2
NVD
EPSS 6% CVSS 7.8
HIGH PATCH This Week

A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that could cause an interpretation of malicious payload data, potentially leading to remote code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Deserialization Custom Reports +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of dashboard files in the IGSS project report directory, when an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Custom Reports Igss Dashboard +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation of a malicious report file in the IGSS project report. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Authentication Bypass Custom Reports +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy