Vulnerabilities > Xceedium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-18 | CVE-2015-4664 | Improper Input Validation vulnerability in multiple products An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands. | 9.8 |
2017-09-25 | CVE-2015-4669 | SQL Injection vulnerability in Xceedium Xsuite 2.3.0/2.4.3.0 The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system. | 7.8 |
2017-09-25 | CVE-2015-4668 | Open Redirect vulnerability in Xceedium Xsuite 2.3.0/2.4.3.0 Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter. | 6.1 |
2017-09-25 | CVE-2015-4667 | Use of Hard-coded Credentials vulnerability in Xceedium Xsuite 2.3.0/2.4.3.0 Multiple hardcoded credentials in Xsuite 2.x. | 9.8 |