Vulnerabilities > Ixpdata

DATE CVE VULNERABILITY TITLE RISK
2020-01-23 CVE-2019-19895 Incorrect Permission Assignment for Critical Resource vulnerability in Ixpdata Easyinstall 6.2.13723
In IXP EasyInstall 6.2.13723, there is Lateral Movement (using the Agent Service) against other users on a client system.
local
low complexity
ixpdata CWE-732
7.8
2020-01-23 CVE-2019-19894 Incorrect Permission Assignment for Critical Resource vulnerability in Ixpdata Easyinstall 6.2.13723
In IXP EasyInstall 6.2.13723, it is possible to temporarily disable UAC by using the Agent Service on a client system.
local
low complexity
ixpdata CWE-732
5.5
2020-01-23 CVE-2019-19893 Path Traversal vulnerability in Ixpdata Easyinstall 6.2.13723
In IXP EasyInstall 6.2.13723, there is Directory Traversal on TCP port 8000 via the Engine Service by an unauthenticated attacker, who can access the server's filesystem with the access rights of NT AUTHORITY\SYSTEM.
network
low complexity
ixpdata CWE-22
7.5