Vulnerabilities > Cassianetworks > Access Controller
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-27 | CVE-2023-35794 | Improper Authentication vulnerability in Cassianetworks Access Controller 2.1.1.2303271039 An issue was discovered in Cassia Access Controller 2.1.1.2303271039. | 8.8 |
| 2023-09-27 | CVE-2023-35793 | Cross-Site Request Forgery (CSRF) vulnerability in Cassianetworks Access Controller 2.1.1.2303271039 An issue was discovered in Cassia Access Controller 2.1.1.2303271039. | 8.8 |
| 2023-05-11 | CVE-2023-31445 | Incorrect Permission Assignment for Critical Resource vulnerability in Cassianetworks Access Controller 2.0.1 Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users. | 5.3 |
| 2022-10-14 | CVE-2021-22685 | Path Traversal vulnerability in Cassianetworks Access Controller An attacker may be able to use minify route with a relative path to view any file on the Cassia Networks Access Controller prior to 2.0.1. | 7.5 |