Vulnerabilities > Netsweeper > Netsweeper > 3.1.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-19 | CVE-2014-9611 | Improper Authentication vulnerability in Netsweeper Netsweeper before 4.0.5 allows remote attackers to bypass authentication and create arbitrary accounts and policies via a request to webadmin/nslam/index.php. | 9.8 |
| 2017-09-19 | CVE-2014-9610 | Permissions, Privileges, and Access Controls vulnerability in Netsweeper Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and remove IP addresses from the quarantine via the ip parameter to webadmin/user/quarantine_disable.php. | 5.3 |