Vulnerabilities > Cososys
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-04 | CVE-2019-13285 | Injection vulnerability in Cososys Endpoint Protector 5.1.0.2 CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection. | 5.0 |
2014-06-02 | CVE-2014-3932 | SQL Injection vulnerability in Cososys Endpoint Protector 4.3.0.4/4.4.0.2 SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | 7.5 |
2012-09-18 | CVE-2012-2994 | Permissions, Privileges, and Access Controls vulnerability in Cososys Endpoint Protector Appliace 4 The CoSoSys Endpoint Protector 4 appliance establishes an EPProot password based entirely on the appliance serial number, which makes it easier for remote attackers to obtain access via a brute-force attack. | 7.5 |