Vulnerabilities > Mbconnectline > Mymbconnect24 > 2.8.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-16 | CVE-2020-35561 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An issue was discovered MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. | 5.3 |
2021-02-16 | CVE-2020-35558 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual through 2.11.2. | 7.5 |
2021-02-16 | CVE-2020-35557 | Improper Privilege Management vulnerability in multiple products An issue in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 allows a logged in user to see devices in the account he should not have access to due to improper use of access validation. | 6.5 |