Skip to main content

Uniflow Ulm Universal Login Manager Standalone

1 CVEs product

Monthly

CVE-2026-1433 MEDIUM This Month

Information disclosure in uniFLOW Universal Login Manager (ULM) Standalone exposes sensitive SMTP and LDAP integration configuration data to authenticated administrators via the Remote User Interface (RUI). The flaw, classified under CWE-522 (Insufficiently Protected Credentials), applies exclusively to Standalone ULM deployments - environments integrated with uniFLOW Server or uniFLOW Online are explicitly confirmed unaffected. No public exploit code has been identified at time of analysis, and exploitation requires high-privilege access on an adjacent network, substantially limiting real-world risk.

Information Disclosure Uniflow Ulm Universal Login Manager Standalone
NVD
CVSS 4.0
4.8
EPSS
0.2%
EPSS 0% CVSS 4.8
MEDIUM This Month

Information disclosure in uniFLOW Universal Login Manager (ULM) Standalone exposes sensitive SMTP and LDAP integration configuration data to authenticated administrators via the Remote User Interface (RUI). The flaw, classified under CWE-522 (Insufficiently Protected Credentials), applies exclusively to Standalone ULM deployments - environments integrated with uniFLOW Server or uniFLOW Online are explicitly confirmed unaffected. No public exploit code has been identified at time of analysis, and exploitation requires high-privilege access on an adjacent network, substantially limiting real-world risk.

Information Disclosure Uniflow Ulm Universal Login Manager Standalone
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy