Skip to main content

Msm

3 CVEs product

Monthly

CVE-2023-33284 HIGH This Week

Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Msm
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-33283 MEDIUM POC This Month

Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Msm
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-33282 CRITICAL POC Act Now

Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Msm
NVD
CVSS 3.1
9.8
EPSS
1.0%
EPSS 1% CVSS 8.8
HIGH This Week

Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Msm
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Msm
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Msm
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy