Vulnerabilities > Carrier > Automatedlogic Webctrl > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-14 CVE-2018-8819 XXE vulnerability in Carrier Automatedlogic Webctrl 6.0/6.1/6.5
An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6.5.
network
low complexity
carrier CWE-611
7.5
2017-08-31 CVE-2016-5795 XXE vulnerability in multiple products
An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior.
network
low complexity
automatedlogic carrier CWE-611
7.3
2017-08-25 CVE-2017-9650 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior.
local
low complexity
automatedlogic carrier CWE-434
7.8
2017-08-25 CVE-2017-9644 Unquoted Search Path or Element vulnerability in multiple products
An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior.
local
high complexity
automatedlogic carrier CWE-428
7.0