Vulnerabilities > Accellion > Kiteworks
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-23 | CVE-2021-31585 | Unspecified vulnerability in Accellion Kiteworks 7.3.0 Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords that allow local access. | 4.6 |
2021-06-23 | CVE-2021-31586 | SQL Injection vulnerability in Accellion Kiteworks Accellion Kiteworks before 7.4.0 allows an authenticated user to perform SQL Injection via LDAPGroup Search. | 6.5 |
2018-05-24 | CVE-2017-9421 | Improper Authentication vulnerability in Accellion Kiteworks Authentication Bypass vulnerability in Accellion kiteworks before 2017.01.00 allows remote attackers to execute certain API calls on behalf of a web user using a gathered token via a POST request to /oauth/token. | 6.4 |