Portfolio Security Vulnerabilities and Issues — Portfolio CVE List

Lucene search

ExtensisPortfolio

5 matches found

CVE•added 2022/03/01 11:15 p.m.•100 views

CVE-2022-24253

Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet.

8.8CVSS8.7AI score0.00701EPSS

CVE•added 2022/03/01 11:15 p.m.•89 views

CVE-2022-24252

An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file.

8.8CVSS8.8AI score0.02426EPSS

CVE•added 2022/03/01 11:15 p.m.•80 views

CVE-2022-24254

An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file.

8.8CVSS8.8AI score0.02489EPSS

CVE•added 2022/03/01 11:15 p.m.•79 views

CVE-2022-24255

Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges.

9CVSS8.9AI score0.00292EPSS

CVE•added 2022/03/01 11:15 p.m.•76 views

CVE-2022-24251

Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload function.

8.8CVSS8.7AI score0.00701EPSS