SNMPc Online
by Castlerock
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-11553 | Hig | 0.57 | 8.8 | 0.01 | Apr 9, 2020 | An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There is pervasive CSRF. | ||
| CVE-2020-11557 | Hig | 0.49 | 7.5 | 0.01 | Apr 9, 2020 | An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the username and password values in cleartext within each request's cookie value. | ||
| CVE-2020-11555 | Hig | 0.49 | 7.5 | 0.01 | Apr 9, 2020 | An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive credential information from backup files. | ||
| CVE-2020-11554 | Hig | 0.49 | 7.5 | 0.01 | Apr 9, 2020 | An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive information via info.php4. | ||
| CVE-2020-11556 | Med | 0.35 | 5.4 | 0.01 | Apr 9, 2020 | An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There are multiple persistent (stored) and reflected XSS vulnerabilities. |
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There is pervasive CSRF.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the username and password values in cleartext within each request's cookie value.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive credential information from backup files.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive information via info.php4.
- risk 0.35cvss 5.4epss 0.01
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There are multiple persistent (stored) and reflected XSS vulnerabilities.