Vulnerabilities > Axis > License Plate Verifier
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-21407 | Unspecified vulnerability in Axis License Plate Verifier 2.8.3 A broken access control was found allowing for privileged escalation of the operator account to gain administrator privileges. | 8.8 |
| 2023-08-03 | CVE-2023-21408 | Improper Handling of Exceptional Conditions vulnerability in Axis License Plate Verifier 2.8.3 Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials that are used in the integration interface towards 3rd party systems. | 9.8 |
| 2023-08-03 | CVE-2023-21409 | Improper Handling of Exceptional Conditions vulnerability in Axis License Plate Verifier 2.8.3 Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application. | 9.8 |
| 2023-08-03 | CVE-2023-21410 | Unspecified vulnerability in Axis License Plate Verifier 2.8.3 User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution. | 8.8 |
| 2023-08-03 | CVE-2023-21411 | Unspecified vulnerability in Axis License Plate Verifier 2.8.3 User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution. | 8.8 |
| 2023-08-03 | CVE-2023-21412 | SQL Injection vulnerability in Axis License Plate Verifier 2.8.3 User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections. | 8.8 |