VYPR
Vendor

Lynxspring

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2016-8378CriFeb 13, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials.

  • CVE-2016-8369HigFeb 13, 2017
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request (CROSS-SITE REQUEST FORGERY).

  • CVE-2016-8361HigFeb 13, 2017
    risk 0.56cvss 8.6epss 0.02

    An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication.

  • CVE-2016-8357HigFeb 13, 2017
    risk 0.46cvss 7.1epss 0.01

    An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the…