Vulnerabilities > Vertiv
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-30 | CVE-2019-9509 | Cross-site Scripting vulnerability in Vertiv Avocent Umg-4000 Firmware 4.2.1.19 The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. | 3.5 |
| 2020-03-30 | CVE-2019-9508 | Cross-site Scripting vulnerability in Vertiv Avocent Umg-4000 Firmware 4.2.1.19 The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to stored XSS. | 3.5 |
| 2020-03-30 | CVE-2019-9507 | Command Injection vulnerability in Vertiv Avocent Umg-4000 Firmware 4.2.1.19 The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. | 9.0 |
| 2018-06-28 | CVE-2018-12922 | Incorrect Permission Assignment for Critical Resource vulnerability in Vertiv Liebert Intellislot Firmware Emerson Liebert IntelliSlot Web Card devices allow remote attackers to reconfigure access control via the config/configUser.htm or config/configTelnet.htm URI. | 5.0 |
| 2018-04-20 | CVE-2018-10079 | Improper Privilege Management vulnerability in Vertiv Watchdog Console 3.2.2 Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating (1) config.xml or (2) servers.xml. | 2.1 |
| 2018-04-20 | CVE-2018-10078 | Cross-site Scripting vulnerability in Vertiv Watchdog Console 3.2.2 Cross-site scripting (XSS) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a server description. | 3.5 |
| 2018-04-20 | CVE-2018-10077 | XXE vulnerability in Vertiv Watchdog Console 3.2.2 XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data. | 4.0 |
| 2017-04-10 | CVE-2015-7260 | Permissions, Privileges, and Access Controls vulnerability in Vertiv Liebert Multilink Automated Shutdown 4.2.4 Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file. | 7.2 |