Skip to main content

Uc 500E Firmware

4 CVEs product

Monthly

CVE-2023-50706 MEDIUM This Month

A user without administrator permissions with access to the UC500 windows system could perform a memory dump of the running processes and extract clear credentials or valid session tokens. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Uc 500E Firmware
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-50705 MEDIUM This Month

An attacker could create malicious requests to obtain sensitive information about the web server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uc 500E Firmware
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-50704 MEDIUM This Month

An attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application users. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Uc 500E Firmware
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-50703 MEDIUM This Month

An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Uc 500E Firmware
NVD
CVSS 3.1
5.9
EPSS
0.3%
EPSS 0% CVSS 4.3
MEDIUM This Month

A user without administrator permissions with access to the UC500 windows system could perform a memory dump of the running processes and extract clear credentials or valid session tokens. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Uc 500E Firmware
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

An attacker could create malicious requests to obtain sensitive information about the web server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uc 500E Firmware
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

An attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application users. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Uc 500E Firmware
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Uc 500E Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy