VYPR

bestinformed Microsoft Windows client

by Cordaware

CVEs (2)

  • CVE-2019-6266CriFeb 25, 2019
    risk 0.64cvss 9.8epss 0.01

    Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext.

  • CVE-2019-6265HigFeb 25, 2019
    risk 0.51cvss 7.8epss 0.01

    The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges.