Vulnerabilities > Device42
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-17 | CVE-2022-1401 | Incorrect Authorization vulnerability in Device42 Cmdb Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker to read sensitive server files with root permissions. | 7.5 |
2021-09-17 | CVE-2021-41315 | OS Command Injection vulnerability in Device42 Remote Collector The Device42 Remote Collector before 17.05.01 does not sanitize user input in its SNMP Connectivity utility. | 9.0 |
2021-09-17 | CVE-2021-41316 | Argument Injection or Modification vulnerability in Device42 The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. | 8.5 |