Kiteworks Appliance@* Security Vulnerabilities and Issues — Kiteworks Appliance@* CVE List

Lucene search

AccellionKiteworks Appliance*

3 matches found

CVE•added 2016/08/26 7:59 p.m.•45 views

CVE-2016-5664

Directory traversal vulnerability on Accellion Kiteworks appliances before kw2016.03.00 allows remote attackers to read files via a crafted URI.

5CVSS4.7AI score0.00479EPSS

CVE•added 2016/08/26 7:59 p.m.•39 views

CVE-2016-5662

Accellion Kiteworks appliances before kw2016.03.00 use setuid-root permissions for /opt/bin/cli, which allows local users to gain privileges via unspecified vectors.

7.8CVSS7.6AI score0.00034EPSS

CVE•added 2016/08/26 7:59 p.m.•30 views

CVE-2016-5663

Multiple cross-site scripting (XSS) vulnerabilities in oauth_callback.php on Accellion Kiteworks appliances before kw2016.03.00 allow remote attackers to inject arbitrary web script or HTML via the (1) code, (2) error, or (3) error_description parameter.

6.1CVSS6.1AI score0.00295EPSS