Vulnerabilities > Kofax

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2022-25090 Race Condition vulnerability in Kofax Printix 1.3.1106.0
Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition.
network
high complexity
kofax CWE-362
8.1
2022-03-03 CVE-2022-25089 Improper Privilege Management vulnerability in Kofax Printix 1.3.1106.0
Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData.
network
low complexity
kofax CWE-269
critical
9.8
2019-04-18 CVE-2018-17289 XXE vulnerability in Kofax Front Office Server 4.1.1.11.0.5212
An XML external entity (XXE) vulnerability in Kofax Front Office Server Administration Console version 4.1.1.11.0.5212 allows remote authenticated users to read arbitrary files via crafted XML inside an imported package configuration (.ZIP file) within the Kofax/KFS/Admin/PackageService/package/upload file parameter.
network
low complexity
kofax CWE-611
6.5
2019-04-18 CVE-2018-17288 Cross-site Scripting vulnerability in Kofax Front Office Server 4.1.1.11.0.5212
Kofax Front Office Server version 4.1.1.11.0.5212 (both Thin Client and Administration Console) suffers from multiple authenticated stored XSS vulnerabilities via the (1) "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - (Thin Client) or (2) "DeviceName" field in /Kofax/KFS/Admin/DeviceService/device/ - (Administration Console).
network
low complexity
kofax CWE-79
5.4
2019-04-18 CVE-2018-17287 Missing Encryption of Sensitive Data vulnerability in Kofax Front Office Server 4.1.1.11.0.5212
In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as passwords, are obfuscated in the front-end, but the cleartext value can be exfiltrated by using the back-end "download" feature, as demonstrated by an mfp.password downloadsettingvalue operation.
network
low complexity
kofax CWE-311
4.9