Vulnerabilities > Adremsoft > Netcrunch > 10.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-16 | CVE-2019-14483 | Unspecified vulnerability in Adremsoft Netcrunch AdRem NetCrunch 10.6.0.4587 allows Credentials Disclosure. | 8.8 |
| 2020-12-16 | CVE-2019-14482 | Use of Hard-coded Credentials vulnerability in Adremsoft Netcrunch AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web client. | 9.8 |
| 2020-12-16 | CVE-2019-14480 | Incorrect Permission Assignment for Critical Resource vulnerability in Adremsoft Netcrunch AdRem NetCrunch 10.6.0.4587 has an Improper Session Handling vulnerability in the NetCrunch web client, which can lead to an authentication bypass or escalation of privileges. | 9.8 |
| 2020-12-16 | CVE-2019-14477 | Insufficiently Protected Credentials vulnerability in Adremsoft Netcrunch AdRem NetCrunch 10.6.0.4587 has Improper Credential Storage since the internal user database is readable by low-privileged users and passwords in the database are weakly encoded or encrypted. | 5.5 |