Skip to main content

Local Run Manager

5 CVEs product

Monthly

CVE-2022-1524 MEDIUM This Month

LRM version 2.4 and lower does not implement TLS encryption. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Local Run Manager
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2022-1521 CRITICAL Act Now

LRM does not implement authentication or authorization by default. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Local Run Manager
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2022-1519 CRITICAL Act Now

LRM does not restrict the types of files that can be uploaded to the affected product. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Local Run Manager
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-1518 CRITICAL Act Now

LRM contains a directory traversal vulnerability that can allow a malicious actor to upload outside the intended directory structure. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Local Run Manager
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-1517 CRITICAL Act Now

LRM utilizes elevated privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Local Run Manager
NVD
CVSS 3.1
9.8
EPSS
1.6%
EPSS 0% CVSS 5.9
MEDIUM This Month

LRM version 2.4 and lower does not implement TLS encryption. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Local Run Manager
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

LRM does not implement authentication or authorization by default. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Local Run Manager
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

LRM does not restrict the types of files that can be uploaded to the affected product. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Local Run Manager
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

LRM contains a directory traversal vulnerability that can allow a malicious actor to upload outside the intended directory structure. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Local Run Manager
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

LRM utilizes elevated privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Local Run Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy