VYPR

Caterease

by Horizon

CVEs (4)

  • CVE-2024-38887CriAug 2, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to expand control over the operating system from the database due to the execution of commands with unnecessary privileges.

  • CVE-2024-38886CriAug 2, 2024
    risk 0.64cvss 9.8epss 0.01

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel.

  • CVE-2024-38883CriAug 2, 2024
    risk 0.59cvss 9.1epss 0.00

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation.

  • CVE-2024-38885HigAug 2, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application.