Vulnerabilities > Unicon Software

DATE CVE VULNERABILITY TITLE RISK
2017-09-13 CVE-2017-14124 Improper Privilege Management vulnerability in Unicon-Software RP
In eLux RP 5.x before 5.5.1000 LTSR and 5.6.x before 5.6.2 CR when classic desktop mode is used, it is possible to start applications other than defined, even if the user does not have permissions to change application definitions.
local
high complexity
unicon-software CWE-269
6.3
2017-07-19 CVE-2017-7977 Command Injection vulnerability in Unicon-Software Elux
The Screensavercc component in eLux RP before 5.5.0 allows attackers to bypass intended configuration restrictions and execute arbitrary commands with root privileges by inserting commands in a local configuration dialog in the control panel.
network
low complexity
unicon-software CWE-77
critical
9.8