Skyhigh
Products
3- 3 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-2310 | Cri | 0.65 | 10.0 | 0.01 | Jul 27, 2022 | An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is… | ||
| CVE-2023-0214 | Med | 0.43 | 6.1 | 0.02 | Jan 18, 2023 | A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing… | ||
| CVE-2022-1254 | Med | 0.40 | 6.1 | 0.01 | Apr 20, 2022 | A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3 allows a remote attacker to redirect a user to a malicious website controlled by… | ||
| CVE-2024-0312 | Med | 0.36 | 5.5 | 0.00 | Mar 14, 2024 | A malicious insider can uninstall Skyhigh Client Proxy without a valid uninstall password. | ||
| CVE-2024-0311 | Med | 0.36 | 5.5 | 0.00 | Mar 14, 2024 | A malicious insider can bypass the existing policy of Skyhigh Client Proxy without a valid release code. |
- risk 0.65cvss 10.0epss 0.01
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is…
- risk 0.43cvss 6.1epss 0.02
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing…
- risk 0.40cvss 6.1epss 0.01
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3 allows a remote attacker to redirect a user to a malicious website controlled by…
- risk 0.36cvss 5.5epss 0.00
A malicious insider can uninstall Skyhigh Client Proxy without a valid uninstall password.
- risk 0.36cvss 5.5epss 0.00
A malicious insider can bypass the existing policy of Skyhigh Client Proxy without a valid release code.