Unified Management Platform@23.07.0.16567 Security Vulnerabilities and Issues — Unified Management Platform@23.07.0.16567 CVE List

Lucene search

AvsystemUnified Management Platform23.07.0.16567

4 matches found

CVE•added 2024/03/18 8:15 p.m.•57 views

CVE-2024-25654

Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access credentials to authenticate to all services, and to decrypt sensitive data stored in the database.

5.5CVSS6.4AI score0.00022EPSS

CVE•added 2024/03/18 8:15 p.m.•55 views

CVE-2024-25655

Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allows members (with read access to the application database) to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP.

6.5CVSS6.8AI score0.00091EPSS

CVE•added 2024/03/18 8:15 p.m.•51 views

CVE-2024-25656

Improper input validation in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS can result in unauthenticated CPE (Customer Premises Equipment) devices storing arbitrarily large amounts of data during registration. This can potentially lead to DDoS attacks on the application database and,...

5.9CVSS7AI score0.00117EPSS

CVE•added 2024/03/18 8:15 p.m.•46 views

CVE-2024-25657

An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS could allow attackers to redirect authenticated users to malicious websites.

5.4CVSS6.6AI score0.00078EPSS