Vulnerabilities > Ixpdata > Easyinstall

DATE CVE VULNERABILITY TITLE RISK
2023-10-19 CVE-2023-27792 Missing Authorization vulnerability in Ixpdata Easyinstall 6.6.148840
An issue found in IXP Data Easy Install v.6.6.14884.0 allows an attacker to escalate privileges via lack of permissions applied to sub directories.
local
low complexity
ixpdata CWE-862
7.8
2023-10-19 CVE-2023-27793 Unspecified vulnerability in Ixpdata Easyinstall 6.6.14884.0
An issue discovered in IXP Data Easy Install v.6.6.14884.0 allows local attackers to gain escalated privileges via weak encoding of sensitive information.
local
low complexity
ixpdata
7.8
2023-10-19 CVE-2023-27795 Unspecified vulnerability in Ixpdata Easyinstall 6.6.148840
An issue found in IXP Data Easy Install v.6.6.14884.0 allows a local attacker to gain privileges via a static XOR key.
local
low complexity
ixpdata
7.8
2023-10-19 CVE-2023-30131 Unspecified vulnerability in Ixpdata Easyinstall 6.6.148840
An issue discovered in IXP EasyInstall 6.6.14884.0 allows attackers to run arbitrary commands, gain escalated privilege, and cause other unspecified impacts via unauthenticated API calls.
network
low complexity
ixpdata
critical
9.8
2023-10-19 CVE-2023-30132 Inadequate Encryption Strength vulnerability in Ixpdata Easyinstall 6.6.14907.0
An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated privileges via static Cryptographic Key.
local
low complexity
ixpdata CWE-326
7.8
2023-10-19 CVE-2023-27791 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Ixpdata Easyinstall 6.6.148840
An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG.
network
high complexity
ixpdata CWE-338
8.1
2022-12-01 CVE-2022-35120 Cleartext Storage of Sensitive Information vulnerability in Ixpdata Easyinstall 6.6.14725
IXPdata EasyInstall 6.6.14725 contains an access control issue.
local
low complexity
ixpdata CWE-312
8.8
2020-01-23 CVE-2019-19898 Use of Hard-coded Credentials vulnerability in Ixpdata Easyinstall 6.2.13723
In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely.
network
low complexity
ixpdata CWE-798
5.0
2020-01-23 CVE-2019-19897 OS Command Injection vulnerability in Ixpdata Easyinstall 6.2.13723
In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service.
network
low complexity
ixpdata CWE-78
critical
10.0
2020-01-23 CVE-2019-19896 Incorrect Default Permissions vulnerability in Ixpdata Easyinstall 6.2.13723
In IXP EasyInstall 6.2.13723, there is Remote Code Execution via weak permissions on the Engine Service share.
network
low complexity
ixpdata CWE-276
critical
9.0