Vulnerabilities > Netsweeper > Netsweeper > 2.6.29.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-19 | CVE-2014-9616 | Information Exposure vulnerability in Netsweeper Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to obtain sensitive information by making a request that redirects to the deny page. | 5.0 |
2017-09-19 | CVE-2014-9611 | Improper Authentication vulnerability in Netsweeper Netsweeper before 4.0.5 allows remote attackers to bypass authentication and create arbitrary accounts and policies via a request to webadmin/nslam/index.php. | 7.5 |
2017-09-19 | CVE-2014-9610 | Permissions, Privileges, and Access Controls vulnerability in Netsweeper Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and remove IP addresses from the quarantine via the ip parameter to webadmin/user/quarantine_disable.php. | 5.0 |