Vulnerabilities > Verint

DATE CVE VULNERABILITY TITLE RISK
2024-06-13 CVE-2024-36395 Unspecified vulnerability in Verint Workforce Optimization 15.2.918.262
Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
network
low complexity
verint
6.1
2024-06-13 CVE-2024-36396 Unspecified vulnerability in Verint Workforce Optimization
Verint - CWE-434: Unrestricted Upload of File with Dangerous Type
network
low complexity
verint
8.8
2023-08-02 CVE-2023-33257 Cross-site Scripting vulnerability in Verint Engagement Management 15.3
Verint Engagement Management 15.3 Update 2023R2 is vulnerable to HTML injection via the user data form in the live chat.
network
low complexity
verint CWE-79
5.4
2022-10-20 CVE-2020-12744 Improper Preservation of Permissions vulnerability in Verint Desktop and Process Analytics 15.2
The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair.
local
low complexity
verint CWE-281
7.8
2021-12-15 CVE-2021-36450 Cross-site Scripting vulnerability in Verint Workforce Optimization 15.2.8.10048
Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter.
network
low complexity
verint CWE-79
6.1
2021-10-08 CVE-2021-41825 Cross-site Scripting vulnerability in Verint Workforce Optimization 15.2.5.1033
Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter.
network
low complexity
verint CWE-79
5.3
2020-09-22 CVE-2020-23446 Authorization Bypass Through User-Controlled Key vulnerability in Verint Workforce Optimization 15.1.0.37634
Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API
network
low complexity
verint CWE-639
5.3
2020-08-21 CVE-2020-24057 OS Command Injection vulnerability in Verint S5120Fd Firmware Verintfw042
The management website of the Verint S5120FD Verint_FW_0_42 unit features a CGI endpoint ('ipfilter.cgi') that allows the user to manage network filtering on the unit.
network
low complexity
verint CWE-78
8.8
2020-08-21 CVE-2020-24056 Use of Hard-coded Credentials vulnerability in Verint 4320 Firmware, 5620Ptz Firmware and S5120Fd Firmware
A hardcoded credentials vulnerability exists in Verint 5620PTZ Verint_FW_0_42, Verint 4320 V4320_FW_0_23, V4320_FW_0_31, and Verint S5120FD Verint_FW_0_42units.
network
low complexity
verint CWE-798
7.5
2020-08-21 CVE-2020-24055 Out-of-bounds Write vulnerability in Verint 4320 Firmware and 5620Ptz Firmware
Verint 5620PTZ Verint_FW_0_42 and Verint 4320 V4320_FW_0_23, and V4320_FW_0_31 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on port TCP 6666.
network
low complexity
verint CWE-787
critical
9.8