Lucene search
K

140 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.10 views

CVE-2020-25251

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client-side authentication is used for critical functions such as adding users or retrieving sensitive information...

9.1CVSS7.2AI score0.01216EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.4 views

CVE-2020-25248

An issue was discovered in Hyland OnBase through 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Directory traversal exists for reading files, as demonstrated by the FileName parameter...

7.5CVSS7AI score0.02099EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.7 views

CVE-2020-25250

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client applications can write arbitrary data to the server logs...

7.5CVSS7.1AI score0.00908EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.9 views

CVE-2020-25253

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows SQL injection, as demonstrated by the TableName, ColumnName, Name, UserId, or Password parameter...

9.8CVSS7.6AI score0.01065EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:21 p.m.6 views

CVE-2020-25257

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows XXE attacks for read/write access to arbitrary files...

9.8CVSS7.1AI score0.01212EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:21 p.m.10 views

CVE-2020-25258

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses ASP.NET BinaryFormatter.Deserialize in a manner that allows attackers to transmit and execute bytecode in SOAP messages...

9.8CVSS7AI score0.01518EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:21 p.m.8 views

CVE-2020-25259

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses XML deserialization libraries in an unsafe manner...

9.8CVSS7.1AI score0.01421EPSS
Exploits0
OSV
OSV
added 2022/06/21 2:15 p.m.5 views

CVE-2022-23342

The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login...

5.3CVSS5.8AI score0.01197EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/06/21 2:15 p.m.5 views

CVE-2022-23342

The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login...

5.3CVSS6.1AI score0.01197EPSS
Exploits1References3
NVD
NVD
added 2022/06/21 2:15 p.m.19 views

CVE-2022-23342

The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login...

5.3CVSS0.01197EPSS
Exploits1References2
Prion
Prion
added 2022/06/21 2:15 p.m.16 views

Design/Logic Flaw

The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login...

5CVSS5.3AI score0.01197EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/06/21 1:29 p.m.27 views

CVE-2022-23342

The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login...

5.6AI score0.01197EPSS
Exploits1References2
CVE
CVE
added 2022/06/21 1:29 p.m.74 views

CVE-2022-23342

CVE-2022-23342 affects Hyland OnBase Application Server and OnBase releases prior to 20.3.58.1000 and 21.1.1.1000–21.1.15.1000. The issue is a username enumeration vulnerability: an attacker can determine valid usernames by inspecting responses to POST requests to the endpoint /mobilebroker/Servi...

5.3CVSS5.3AI score0.01197EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/06/21 12:0 a.m.3 views

Hyland Onbase Application Server 安全漏洞

Hyland Onbase Application Server is an enterprise information platform server from Hyland USA. Designed to manage content, processes and cases. A security vulnerability exists in Hyland Onbase Application Server versions prior to 20.3.58.1000 and Onbase versions 21.1.1.1000 through 21.1.15.1000. ...

5.3CVSS5.8AI score0.01197EPSS
Exploits1References3
CNVD
CNVD
added 2020/09/16 12:0 a.m.3 views

Hyland OnBase Information Disclosure Vulnerability

Hyland Software is an American company that develops OnBase, an enterprise content management and process management software suite. The company's suite is used in healthcare, financial institutions, insurance companies, government departments, higher education and manufacturing. Hyland OnBase ha...

9.1CVSS6.2AI score0.01216EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/16 12:0 a.m.3 views

Hyland OnBase Logging Vulnerability

Hyland Software is an American company that develops OnBase, an enterprise content management and process management software suite. The company's suite is used in healthcare, financial institutions, insurance companies, government departments, higher education and manufacturing. Hyland OnBase...

5.3CVSS6.9AI score0.00824EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.1 views

CVE-2020-25259

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses XML deserialization libraries in an unsafe manner...

9.8CVSS7.3AI score0.01421EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.2 views

CVE-2020-25258

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses ASP.NET BinaryFormatter.Deserialize in a manner that allows attackers to transmit and execute bytecode in SOAP messages...

9.8CVSS7.4AI score0.01518EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 3:15 a.m.16 views

CVE-2020-25260

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization...

9.8CVSS0.02687EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.2 views

CVE-2020-25260

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to execute arbitrary code because of unsafe JSON deserialization...

9.8CVSS7.6AI score0.02687EPSS
Exploits0References1
Rows per page
Query Builder