Vulnerabilities > Marvell > High

DATE CVE VULNERABILITY TITLE RISK
2021-01-08 CVE-2020-5805 Cleartext Storage of Sensitive Information vulnerability in Marvell Qconvergeconslole GUI 5.5.0.74
In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users.xml.
network
low complexity
marvell CWE-312
8.8
8.8
2021-01-08 CVE-2020-5804 Path Traversal vulnerability in Marvell Qconvergeconslole GUI 5.5.0.74
Marvell QConvergeConsole GUI <= 5.5.0.74 is affected by a path traversal vulnerability.
network
low complexity
marvell CWE-22
8.1
8.1
2020-12-18 CVE-2020-5803 Path Traversal vulnerability in Marvell Qconvergeconsole 5.5.00.74
Relative Path Traversal in Marvell QConvergeConsole GUI 5.5.0.74 allows a remote, authenticated attacker to delete arbitrary files on disk as SYSTEM or root.
network
low complexity
marvell CWE-22
8.1
8.1
2020-08-25 CVE-2020-17389 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
8.8
8.8
2020-08-25 CVE-2020-17388 Exposed Dangerous Method or Function vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-749
8.8
8.8
2020-08-25 CVE-2020-17387 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
8.8
8.8
2020-08-25 CVE-2020-15645 Unrestricted Upload of File with Dangerous Type vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-434
8.8
8.8
2020-08-25 CVE-2020-15644 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
8.8
8.8
2020-08-25 CVE-2020-15643 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
8.8
8.8
2020-08-25 CVE-2020-15642 OS Command Injection vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-78
8.8
8.8