Systematic
Products
3- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-18925 | Cri | 0.64 | 9.8 | 0.01 | Nov 12, 2019 | Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication. | ||
| CVE-2019-18926 | Med | 0.40 | 6.1 | 0.01 | Nov 12, 2019 | Systematic IRIS Standards Management (ISM) v2.1 SP1 89 is vulnerable to unauthenticated reflected Cross Site Scripting (XSS). A user input (related to dialog information) is reflected directly in the web page, allowing a malicious user to conduct a Cross Site Scripting attack… | ||
| CVE-2018-9115 | Med | 0.38 | 5.3 | 0.06 | Apr 4, 2018 | Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice… | ||
| CVE-2019-18924 | Med | 0.35 | 5.3 | 0.01 | Nov 12, 2019 | Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists. |
- risk 0.64cvss 9.8epss 0.01
Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.
- risk 0.40cvss 6.1epss 0.01
Systematic IRIS Standards Management (ISM) v2.1 SP1 89 is vulnerable to unauthenticated reflected Cross Site Scripting (XSS). A user input (related to dialog information) is reflected directly in the web page, allowing a malicious user to conduct a Cross Site Scripting attack…
- risk 0.38cvss 5.3epss 0.06
Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice…
- risk 0.35cvss 5.3epss 0.01
Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists.