Reprise License Manager Security Vulnerabilities and Issues — Reprise License Manager CVE List

Lucene search

ReprisesoftwareReprise License Manager

3 matches found

CVE•added 2022/04/09 5:15 p.m.•90 views

CVE-2022-28365

Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. No authentication is required. The information disclosed is associated with software versions, process IDs, network configuration, hostname(s), system architecture, and file/di...

5.3CVSS5.3AI score0.35995EPSS

CVE•added 2022/04/09 5:15 p.m.•76 views

CVE-2022-28364

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/rlmswitchr_process file parameter via GET. Authentication is required.

5.4CVSS5.4AI score0.00368EPSS

CVE•added 2021/12/13 4:15 a.m.•35 views

CVE-2021-44155

An issue was discovered in /goform/login_process in Reprise RLM 14.2. When an attacker attempts to login, the response if a username is valid includes Login Failed, but does not include this string if the username is invalid. This allows an attacker to enumerate valid users.

5.3CVSS5.1AI score0.0095EPSS