Vulnerabilities > Microstrategy > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-13 | CVE-2020-22983 | Server-Side Request Forgery (SSRF) vulnerability in Microstrategy web A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task. | 8.1 |
2022-05-11 | CVE-2022-29596 | Path Traversal vulnerability in Microstrategy Enterprise Manager 2022 MicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal. | 7.5 |
2018-12-28 | CVE-2018-18696 | Cross-Site Request Forgery (CSRF) vulnerability in Microstrategy 10.4/10.4.0026.0049/9.2.1 main.aspx in Microstrategy Analytics 10.4.0026.0049 and earlier has CSRF. | 8.8 |