Vulnerabilities > Adremsoft > Netcrunch > 10.9.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-16 | CVE-2019-14480 | Incorrect Permission Assignment for Critical Resource vulnerability in Adremsoft Netcrunch AdRem NetCrunch 10.6.0.4587 has an Improper Session Handling vulnerability in the NetCrunch web client, which can lead to an authentication bypass or escalation of privileges. | 9.8 |
| 2020-12-16 | CVE-2019-14477 | Insufficiently Protected Credentials vulnerability in Adremsoft Netcrunch AdRem NetCrunch 10.6.0.4587 has Improper Credential Storage since the internal user database is readable by low-privileged users and passwords in the database are weakly encoded or encrypted. | 5.5 |