Lucene search
K

48 matches found

Prion
Prion
added 2021/06/18 11:15 a.m.18 views

Path traversal

An issue was discovered in Cleo LexiCom 5.5.0.0. Within the AS2 message, the sender can specify a filename. This filename can include path-traversal characters, allowing the file to be written to an arbitrary location on disk...

7.5CVSS9.3AI score0.01549EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2021/06/18 11:15 a.m.15 views

Code injection

An issue was discovered in Cleo LexiCom 5.5.0.0. The requirement for the sender of an AS2 message to identify themselves via encryption and signing of the message can be bypassed by changing the Content-Type of the message to text/plain...

5CVSS5.3AI score0.00585EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/06/18 10:53 a.m.140 views

CVE-2021-33577

CVE-2021-33577 affects Cleo LexiCom 5.5.0.0. The issue allows bypass of the sender authentication for AS2 messages (encryption and signing) by changing the Content-Type to text/plain. This is the root cause reported across multiple sources (NVD/Red Hat/CNNVD). No remediation details are provided ...

5.3CVSS5.3AI score0.00585EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/06/18 10:53 a.m.22 views

CVE-2021-33577

An issue was discovered in Cleo LexiCom 5.5.0.0. The requirement for the sender of an AS2 message to identify themselves via encryption and signing of the message can be bypassed by changing the Content-Type of the message to text/plain...

5.6AI score0.00585EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/06/18 10:53 a.m.23 views

CVE-2021-33576

An issue was discovered in Cleo LexiCom 5.5.0.0. Within the AS2 message, the sender can specify a filename. This filename can include path-traversal characters, allowing the file to be written to an arbitrary location on disk...

9.6AI score0.01549EPSS
Exploits1References2
CVE
CVE
added 2021/06/18 10:53 a.m.43 views

CVE-2021-33576

CVE-2021-33576 affects Cleo LexiCom 5.5.0.0. The root cause is that an AS2 message can carry a filename containing path-traversal characters, enabling the attacker to write files to arbitrary locations on disk. The issue is documented across multiple sources (NVD, Red Hat, CVE lists). According t...

9.8CVSS9.2AI score0.01549EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/06/18 12:0 a.m.3 views

Cleo LexiCom 路径遍历漏洞

Cleo LexiCom is an integrated platform from Cleo, Inc. Accelerate EDI automation, speed trade partner on-boarding and easily resolve EDI issues. A path traversal vulnerability exists in Cleo LexiCom 5.5.0.0, which originates in an AS2 message where the sender can specify a filename that can conta...

9.8CVSS8.4AI score0.01549EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/06/18 12:0 a.m.5 views

Cleo LexiCom 安全漏洞

Cleo LexiCom is an integrated platform from Cleo, Inc. Accelerate EDI automation, speed trade partner onboarding and easily resolve EDI issues. A security vulnerability exists in Cleo LexiCom 5.5.0.0, which can be exploited by an attacker to bypass the requirement for the sender of an AS2 message...

5.3CVSS5.8AI score0.00585EPSS
Exploits1References2
Rows per page
Query Builder