Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Network Management Card 3 Security Vulnerabilities

cve
cve

CVE-2021-22825

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could allow an attacker to access the system with elevated privileges when a privileged account clicks on a malicious URL that compromises the security token. Affected Products: AP7xxxx and AP8xxx with.....

8CVSS

7.6AI Score

0.001EPSS

2022-01-28 08:15 PM
27
cve
cve

CVE-2021-22811

A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause script execution when the request of a privileged account accessing the vulnerable web page is intercepted. Affected Products: 1-Phase Uninterruptible Power Supply...

6.1CVSS

6.2AI Score

0.001EPSS

2022-01-28 08:15 PM
30
cve
cve

CVE-2021-22814

A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists which could cause arbritrary script execution when a malicious file is read and displayed. Affected Products: 1-Phase Uninterruptible Power Supply (UPS) using NMC2 including...

6.1CVSS

6.2AI Score

0.001EPSS

2022-01-28 08:15 PM
30
cve
cve

CVE-2021-22815

A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply (UPS) using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2): AP9630/AP9630CH/AP9630J,....

5.3CVSS

5.2AI Score

0.001EPSS

2022-01-28 08:15 PM
28
cve
cve

CVE-2021-22813

A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit policy file. Affected Products:.....

6.1CVSS

6.1AI Score

0.001EPSS

2022-01-28 08:15 PM
29
cve
cve

CVE-2021-22812

A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC. Affected Products: 1-Phase Uninterruptible Power...

6.1CVSS

6.2AI Score

0.001EPSS

2022-01-28 08:15 PM
37
cve
cve

CVE-2021-22810

A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to a delete policy file. Affected Products:....

6.1CVSS

6.1AI Score

0.001EPSS

2022-01-28 08:15 PM
37