Crimson@3.1 Security Vulnerabilities and Issues — Crimson@3.1 CVE List

Lucene search

RedlionCrimson3.1

4 matches found

CVE•added 2021/01/06 4:15 p.m.•39 views

CVE-2020-27283

An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory locations.

5.3CVSS5.2AI score0.00179EPSS

CVE•added 2022/11/17 10:15 p.m.•36 views

CVE-2022-3090

Red Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and prior are vulnerable to path traversal. When attempting to open a file using a specific path, the user's password hash is sent to an arbitrary host. This could ...

7.5CVSS5.3AI score0.00094EPSS

CVE•added 2021/01/06 4:15 p.m.•34 views

CVE-2020-27279

A NULL pointer deference vulnerability has been identified in the protocol converter. An attacker could send a specially crafted packet that could reboot the device running Crimson 3.1 (Build versions prior to 3119.001).

7.8CVSS7.3AI score0.0011EPSS

CVE•added 2021/01/06 3:15 p.m.•30 views

CVE-2020-27285

The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able to read and modify the database without authentication.

9.1CVSS8.8AI score0.0019EPSS