NotCVE - vendor:"Ixpdata" product:"Easyinstall" version:"6.6.148840"

4 results (0.022 seconds)

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-27791

https://notcve.org/view.php?id=CVE-2023-27791

19 Oct 2023 — An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG. Un problema encontrado en IXP Data Easy Install 6.6.148840 permite a un atacante remoto escalar privilegios a través de PRNG inseguro. • https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-27792

https://notcve.org/view.php?id=CVE-2023-27792

19 Oct 2023 — An issue found in IXP Data Easy Install v.6.6.14884.0 allows an attacker to escalate privileges via lack of permissions applied to sub directories. Un problema encontrado en IXP Data Easy Install v.6.6.14884.0 permite a un atacante escalar privilegios debido a la falta de permisos aplicados a los subdirectorios. • https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue • CWE-862: Missing Authorization •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-27795

https://notcve.org/view.php?id=CVE-2023-27795

19 Oct 2023 — An issue found in IXP Data Easy Install v.6.6.14884.0 allows a local attacker to gain privileges via a static XOR key. Un problema encontrado en IXP Data Easy Install v.6.6.14884.0 permite a un atacante local obtener privilegios a través de una clave XOR estática. • https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue • CWE-269: Improper Privilege Management •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-30131

https://notcve.org/view.php?id=CVE-2023-30131

19 Oct 2023 — An issue discovered in IXP EasyInstall 6.6.14884.0 allows attackers to run arbitrary commands, gain escalated privilege, and cause other unspecified impacts via unauthenticated API calls. Un problema descubierto en IXP EasyInstall 6.6.14884.0 permite a los atacantes ejecutar comandos arbitrarios, obtener privilegios elevados y causar otros impactos no especificados a través de llamadas API no autenticadas. • https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue • CWE-94: Improper Control of Generation of Code ('Code Injection') •