Spe Slm
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-3864 | Hig | 0.47 | 7.2 | 0.00 | Aug 11, 2023 | Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands via the web portal. | ||
| CVE-2022-0883 | Hig | 0.47 | 7.3 | 0.00 | May 18, 2022 | SLM has an issue with Windows Unquoted/Trusted Service Paths Security Issue. All installations version 9.x.x prior to 9.20.1 should be patched. | ||
| CVE-2023-2679 | Med | 0.27 | 4.1 | 0.00 | May 17, 2023 | Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data. |
- risk 0.47cvss 7.2epss 0.00
Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands via the web portal.
- risk 0.47cvss 7.3epss 0.00
SLM has an issue with Windows Unquoted/Trusted Service Paths Security Issue. All installations version 9.x.x prior to 9.20.1 should be patched.
- risk 0.27cvss 4.1epss 0.00
Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data.