VYPR

Enterprise VA MAX

by Loadbalancer.org

CVEs (3)

  • CVE-2018-18864CriNov 20, 2018
    risk 0.63cvss 9.6epss 0.03

    Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache HTTP Server logs are displayed.

  • CVE-2020-13378HigMay 12, 2023
    risk 0.57cvss 8.8epss 0.03

    Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code.

  • CVE-2020-13377HigMay 12, 2023
    risk 0.53cvss 8.1epss 0.02

    The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files.