VYPR

Server Automation

by Microfocus

CVEs (3)

  • CVE-2017-5638CriKEVMar 11, 2017
    risk 0.86cvss 9.8epss 1.00

    The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type,…

  • CVE-2017-9453Sep 5, 2023
    risk 0.00cvss epss 0.01

    BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of authentication bypass.

  • CVE-2021-29238May 3, 2021
    risk 0.00cvss epss 0.01

    CODESYS Automation Server before 1.16.0 allows cross-site request forgery (CSRF).