Versa Director Security Vulnerabilities
5.3CVSS
5.3AI Score
0.001EPSS
In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores.
5.5CVSS
5.5AI Score
0.0004EPSS
In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a ...
9.8CVSS
9.8AI Score
0.006EPSS
In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage. Popular hashing algorithms based on the Merkle-Damgardconstruction (such as MD5 and SHA-1) alone are insufficient in thwarting password cra...
5.5CVSS
5.5AI Score
0.0004EPSS
A XSS vulnerability exists in Versa Director Release: 16.1R2 Build: S8. An attacker can use the administration web interface URL to create a XSS based attack.
6.1CVSS
5.9AI Score
0.001EPSS