VYPR

Web Server Enterprise

by WebLog Expert

CVEs (2)

  • CVE-2018-7582HigMar 9, 2018
    risk 0.55cvss 7.5epss 0.38

    WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a long HTTP Accept Header to TCP port 9991.

  • CVE-2018-7581HigMar 9, 2018
    risk 0.54cvss 7.8epss 0.01

    \ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert Web Server Enterprise 9.4 has weak permissions (BUILTIN\Users:(ID)C), which allows local users to set a cleartext password and login as admin.