Vulnerabilities > N Able
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-28200 | Improper Authentication vulnerability in N-Able N-Central 2023.4/2023.6/2023.7 The N-central server is vulnerable to an authentication bypass of the user interface. | 9.8 |
| 2024-02-08 | CVE-2023-47131 | Information Exposure Through Log Files vulnerability in N-Able Passportal The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file. | 7.5 |
| 2024-02-08 | CVE-2023-47132 | Unspecified vulnerability in N-Able N-Central 2023.4/2023.6 An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain escalated privileges via API calls. | 9.8 |
| 2023-09-11 | CVE-2023-27470 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in N-Able Take Control 7.0.41.1141 BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion. | 7.0 |
| 2023-08-04 | CVE-2023-30297 | Unspecified vulnerability in N-Able N-Central An issue found in N-able Technologies N-central Server before 2023.4 allows a local attacker to execute arbitrary code via the monitoring function of the server. | 7.0 |