| CVE-2024-9188 | | 0.00 | — | 0.01 | | Jan 10, 2025 | Specially constructed queries cause cross platform scripting leaking administrator tokens |
| CVE-2024-47520 | | 0.00 | — | 0.00 | | Jan 10, 2025 | A user with advanced report application access rights can perform actions for which they are not authorized |
| CVE-2024-47519 | | 0.00 | — | 0.00 | | Jan 10, 2025 | Backup uploads to ETM subject to man-in-the-middle interception |
| CVE-2024-47518 | | 0.00 | — | 0.00 | | Jan 10, 2025 | Specially constructed queries targeting ETM could discover active remote access sessions |
| CVE-2024-47517 | | 0.00 | — | 0.00 | | Jan 10, 2025 | Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access |
| CVE-2024-9134 | | 0.00 | — | 0.00 | | Jan 10, 2025 | Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges. |
| CVE-2024-9133 | | 0.00 | — | 0.00 | | Jan 10, 2025 | A user with administrator privileges is able to retrieve authentication tokens |
| CVE-2024-9132 | | 0.00 | — | 0.01 | | Jan 10, 2025 | The administrator is able to configure an insecure captive portal script |
| CVE-2024-9131 | | 0.00 | — | 0.00 | | Jan 10, 2025 | A user with administrator privileges can perform command injection |
