Vendor
Cordaware
Products
4
CVEs
2
Across products
3
Status
Private
Products
4- 2 CVEs
- 1 CVE
- 0 CVEs
- 0 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-6266 | Cri | 0.64 | 9.8 | 0.01 | Feb 25, 2019 | Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext. | ||
| CVE-2019-6265 | Hig | 0.51 | 7.8 | 0.01 | Feb 25, 2019 | The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges. |
- risk 0.64cvss 9.8epss 0.01
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext.
- risk 0.51cvss 7.8epss 0.01
The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges.