6 matches found
CVE-2023-21410
CVE-2023-21410 affects the AXIS License Plate Verifier via the api.cgi endpoint, where user input is not sanitized, enabling arbitrary code execution. Public details (NVD) list a high-impact CVSSv3.1 score (base 8.8) with NETWORK attack vector, low attack complexity, and privileges required as lo...
CVE-2023-21412
CVE-2023-21412 affects AXIS License Plate Verifier’s search.cgi endpoint where user input is not sanitized, enabling SQL injection. This is referenced in NVD/Red Hat entries for the AXIS product, indicating potential unauthorized database access/manipulation with high impact to confidentiality, i...
CVE-2023-21408
CVE-2023-21408: The description indicates an issue of insufficient file permissions that could let unprivileged users access unencrypted credentials used by the integration interface to third-party systems. The provided metrics show a high to critical impact (confidentiality, integrity, availabil...
CVE-2023-21411
Technical details about CVE-2023-21411 are not publicly provided in the supplied documents; monitor for updates from Axis/Red Hat and NVD.
CVE-2023-21407
Technical details about CVE-2023-21407 are not publicly provided in the supplied documents. The initial description notes broken access control enabling privilege escalation, but there is no product/vendor/version, impact specifics, or remediation information in the connected materials.
CVE-2023-21409
CVE-2023-21409: The issue is described as insufficient file permissions that allow unprivileged users to access unencrypted administrator credentials and configure the application. The Red Hat entry reiterates this description. No concrete remediation, affected product/version specifics, exploit ...