Vulnerabilities > Auvesy > Versiondog > 8.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-22 | CVE-2021-38457 | Missing Authentication for Critical Function vulnerability in Auvesy Versiondog The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication. | 9.8 |
2021-10-22 | CVE-2021-38461 | Use of Hard-coded Credentials vulnerability in Auvesy Versiondog The affected product uses a hard-coded blowfish key for encryption/decryption processes. | 8.2 |
2021-10-22 | CVE-2021-38463 | Allocation of Resources Without Limits or Throttling vulnerability in Auvesy Versiondog The affected product does not properly control the allocation of resources. | 8.1 |
2021-10-22 | CVE-2021-38465 | Allocation of Resources Without Limits or Throttling vulnerability in Auvesy Versiondog The webinstaller is a Golang web server executable that enables the generation of an Auvesy image agent. | 6.5 |
2021-10-22 | CVE-2021-38473 | Out-of-bounds Write vulnerability in Auvesy Versiondog The affected product’s code base doesn’t properly control arguments for specific functions, which could lead to a stack overflow. | 6.5 |