Vulnerabilities > Unisys

DATE CVE VULNERABILITY TITLE RISK
2021-07-15 CVE-2021-35056 Unquoted Search Path or Element vulnerability in Unisys Stealth
Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task.
local
low complexity
unisys CWE-428
4.6
2021-04-27 CVE-2020-35542 Cross-site Scripting vulnerability in Unisys Data Exchange Management Studio
Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field.
network
unisys CWE-79
3.5
2021-04-20 CVE-2021-28492 Unspecified vulnerability in Unisys Stealth 5.0/5.0.024/5.0.026
Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, and 6.x before 6.0.037.0 stores passwords in a recoverable format.
network
low complexity
unisys
4.0
2021-03-18 CVE-2021-3141 Insufficiently Protected Credentials vulnerability in Unisys Stealth
In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is stored in a recoverable format that might be accessible by a local attacker, who could gain access to the Management Server and change the Stealth configuration.
local
low complexity
unisys CWE-522
2.1
2020-10-01 CVE-2020-24620 Use of Hard-coded Credentials vulnerability in Unisys Stealth
Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable format.
local
low complexity
unisys CWE-798
2.1
2020-06-22 CVE-2020-12053 Incorrect Authorization vulnerability in Unisys Stealth
In Unisys Stealth 3.4.x, 4.x and 5.x before 5.0.026, if certificate-based authorization is used without HTTPS, an endpoint could be authorized without a private key.
network
low complexity
unisys CWE-863
7.5
2020-05-21 CVE-2020-12647 Unspecified vulnerability in Unisys Algol Compiler 58.1/59.1/60.0
Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 60.0 before 60.0a.5 can emit invalid code sequences under rare circumstances related to syntax.
local
low complexity
unisys
7.2
2020-02-03 CVE-2019-18193 Information Exposure Through Log Files vulnerability in Unisys Stealth
In Unisys Stealth (core) 3.4.108.0, 3.4.209.x, 4.0.027.x and 4.0.114, key material inadvertently logged under certain conditions.
local
unisys CWE-532
6.9
2020-01-07 CVE-2019-18386 Improper Input Validation vulnerability in Unisys MCP Firmware
Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel
network
unisys CWE-20
5.8
2018-05-30 CVE-2018-7534 Key Management Errors vulnerability in Unisys Stealth Authorization Server
In Stealth Authorization Server before 3.3.017.0 in Unisys Stealth Solution, an encryption key may be left in memory.
local
unisys CWE-320
1.9