Web Services
by Bruno Massa
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-50733 | Hig | 0.56 | 8.6 | 0.00 | Jan 21, 2025 | A Server-Side Request Forgery (SSRF) vulnerability has been identified in the Web Services feature of newer Lexmark devices. | ||
| CVE-2024-32931 | 0.00 | — | 0.00 | Aug 1, 2024 | Under certain circumstances the exacqVision Web Service can expose authentication token details within communications. | |||
| CVE-2024-32864 | 0.00 | — | 0.00 | Aug 1, 2024 | Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS) | |||
| CVE-2018-6885 | 0.00 | — | 0.01 | May 14, 2019 | An issue was discovered in MicroStrategy Web Services (the Microsoft Office plugin) before 10.4 Hotfix 7, and before 10.11. The vulnerability is unauthenticated and leads to access to the asset files with the MicroStrategy user privileges. (This includes the credentials to… | |||
| CVE-2009-4044 | 0.00 | — | 0.01 | Nov 20, 2009 | The Web Services module 6.x for Drupal does not perform the expected access control, which allows remote attackers to make unspecified use of an API via unknown vectors. |
- risk 0.56cvss 8.6epss 0.00
A Server-Side Request Forgery (SSRF) vulnerability has been identified in the Web Services feature of newer Lexmark devices.
- CVE-2024-32931Aug 1, 2024risk 0.00cvss —epss 0.00
Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.
- CVE-2024-32864Aug 1, 2024risk 0.00cvss —epss 0.00
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)
- CVE-2018-6885May 14, 2019risk 0.00cvss —epss 0.01
An issue was discovered in MicroStrategy Web Services (the Microsoft Office plugin) before 10.4 Hotfix 7, and before 10.11. The vulnerability is unauthenticated and leads to access to the asset files with the MicroStrategy user privileges. (This includes the credentials to…
- CVE-2009-4044Nov 20, 2009risk 0.00cvss —epss 0.01
The Web Services module 6.x for Drupal does not perform the expected access control, which allows remote attackers to make unspecified use of an API via unknown vectors.