Vulnerabilities > Unisys
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-13 | CVE-2022-32555 | Cross-Site Request Forgery (CSRF) vulnerability in Unisys Data Exchange Management Studio 6.0.Ic1/7.0 Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. | 8.8 |
| 2022-01-24 | CVE-2021-43394 | Improper Authentication vulnerability in Unisys Messaging Integration Services Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. | 9.8 |
| 2022-01-12 | CVE-2021-45445 | Infinite Loop vulnerability in Unisys Clearpath MCP Tcp/Ip Networking Services 59.1/60.0/62.0 Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop. | 7.5 |
| 2021-12-14 | CVE-2021-43388 | Cleartext Storage of Sensitive Information vulnerability in Unisys Cargo Mobile Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup. | 7.5 |
| 2021-07-15 | CVE-2021-35056 | Unquoted Search Path or Element vulnerability in Unisys Stealth Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task. | 6.7 |
| 2021-04-27 | CVE-2020-35542 | Cross-site Scripting vulnerability in Unisys Data Exchange Management Studio Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field. | 5.4 |
| 2021-04-20 | CVE-2021-28492 | Unspecified vulnerability in Unisys Stealth Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, and 6.x before 6.0.037.0 stores passwords in a recoverable format. | 4.9 |
| 2021-03-18 | CVE-2021-3141 | Insufficiently Protected Credentials vulnerability in Unisys Stealth 6.0 In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is stored in a recoverable format that might be accessible by a local attacker, who could gain access to the Management Server and change the Stealth configuration. | 7.8 |
| 2020-10-01 | CVE-2020-24620 | Use of Hard-coded Credentials vulnerability in Unisys Stealth Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable format. | 7.8 |
| 2020-06-22 | CVE-2020-12053 | Incorrect Authorization vulnerability in Unisys Stealth In Unisys Stealth 3.4.x, 4.x and 5.x before 5.0.026, if certificate-based authorization is used without HTTPS, an endpoint could be authorized without a private key. | 9.8 |