2 matches found
CVE-2022-2893
RONDS EPM version 1.19.5 does not properly validate the filenameparameter, which could allow an unauthorized user to specify file pathsand download files.
CVE-2022-3091
RONDS EPM version 1.19.5 has a vulnerability in which a function couldallow unauthenticated users to leak credentials. In some circumstances,an attacker can exploit this vulnerability to execute operating system(OS) commands.