Vendor
Areal
Products
3
CVEs
2
Across products
2
Status
Private
Products
3- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-50356 | Med | 0.42 | 6.5 | 0.00 | Jan 31, 2024 | SSL connections to some LDAP servers are vulnerable to a man-in-the-middle attack due to improper certificate validation in AREAL Topkapi Vision (Server). This allows a remote unauthenticated attacker to gather sensitive information and prevent valid users from login. | ||
| CVE-2023-50357 | Med | 0.35 | 5.4 | 0.00 | Jan 31, 2024 | A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP website allows a remote low-privileged attacker to gain escalated privileges of other non-admin users. |
- risk 0.42cvss 6.5epss 0.00
SSL connections to some LDAP servers are vulnerable to a man-in-the-middle attack due to improper certificate validation in AREAL Topkapi Vision (Server). This allows a remote unauthenticated attacker to gather sensitive information and prevent valid users from login.
- risk 0.35cvss 5.4epss 0.00
A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP website allows a remote low-privileged attacker to gain escalated privileges of other non-admin users.