Command Center
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-49367 | Hig | 0.57 | 8.8 | 0.00 | Sep 18, 2025 | An issue in user interface in Kyocera Command Center RX EXOSYS M5521cdn allows remote to obtain sensitive information via inspecting sent packages by user. | ||
| CVE-2015-7999 | Hig | 0.53 | 8.1 | 0.02 | Apr 14, 2016 | Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center before 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||
| CVE-2015-2682 | 0.04 | — | 0.11 | Mar 26, 2015 | Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml. | |||
| CVE-2003-0974 | 0.03 | — | 0.03 | Dec 15, 2003 | Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c. | |||
| CVE-2022-50932 | 0.00 | — | 0.04 | Jan 13, 2026 | Kyocera Command Center RX ECOSYS M2035dn contains a directory traversal vulnerability that allows unauthenticated attackers to read sensitive system files by manipulating file paths under the /js/ path. Attackers can exploit the issue by sending requests like… | |||
| CVE-2021-3919 | 0.00 | — | 0.01 | Nov 21, 2022 | A potential security vulnerability has been identified in OMEN Gaming Hub and in HP Command Center which may allow escalation of privilege and/or denial of service. HP has released software updates to mitigate the potential vulnerability. | |||
| CVE-2022-23858 | 0.00 | — | 0.01 | Jan 24, 2022 | A flaw was found in the REST API. An improperly handled REST API call could allow any logged user to elevate privileges up to the system account. This affects StarWind Command Center build 6003 v2. | |||
| CVE-2021-45389 | 0.00 | — | 0.01 | Jan 4, 2022 | A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864. | |||
| CVE-2019-6452 | 0.00 | — | 0.03 | Jun 6, 2019 | Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote attackers to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password. | |||
| CVE-2015-2683 | 0.00 | — | 0.05 | Mar 26, 2015 | Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 does not properly restrict access to the Advent Java Management Extensions (JMX) Servlet, which allows remote attackers to execute arbitrary code via unspecified vectors to servlets/Jmx_dynamic. |
- risk 0.57cvss 8.8epss 0.00
An issue in user interface in Kyocera Command Center RX EXOSYS M5521cdn allows remote to obtain sensitive information via inspecting sent packages by user.
- risk 0.53cvss 8.1epss 0.02
Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center before 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
- CVE-2015-2682Mar 26, 2015risk 0.04cvss —epss 0.11
Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml.
- CVE-2003-0974Dec 15, 2003risk 0.03cvss —epss 0.03
Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c.
- CVE-2022-50932Jan 13, 2026risk 0.00cvss —epss 0.04
Kyocera Command Center RX ECOSYS M2035dn contains a directory traversal vulnerability that allows unauthenticated attackers to read sensitive system files by manipulating file paths under the /js/ path. Attackers can exploit the issue by sending requests like…
- CVE-2021-3919Nov 21, 2022risk 0.00cvss —epss 0.01
A potential security vulnerability has been identified in OMEN Gaming Hub and in HP Command Center which may allow escalation of privilege and/or denial of service. HP has released software updates to mitigate the potential vulnerability.
- CVE-2022-23858Jan 24, 2022risk 0.00cvss —epss 0.01
A flaw was found in the REST API. An improperly handled REST API call could allow any logged user to elevate privileges up to the system account. This affects StarWind Command Center build 6003 v2.
- CVE-2021-45389Jan 4, 2022risk 0.00cvss —epss 0.01
A flaw was found with the JWT token. A self-signed JWT token could be injected into the update manager and bypass the authentication process, thus could escalate privileges. This affects StarWind SAN and NAS build 1578 and StarWind Command Center build 6864.
- CVE-2019-6452Jun 6, 2019risk 0.00cvss —epss 0.03
Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remote attackers to abuse the Test button in the machine address book to obtain a cleartext FTP or SMB password.
- CVE-2015-2683Mar 26, 2015risk 0.00cvss —epss 0.05
Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 does not properly restrict access to the Advent Java Management Extensions (JMX) Servlet, which allows remote attackers to execute arbitrary code via unspecified vectors to servlets/Jmx_dynamic.