Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Saltosystem Security Vulnerabilities

cve
cve

CVE-2019-19457

SALTO ProAccess SPACE 5.4.3.0 allows XSS.

5.4CVSS

5.5AI Score

0.003EPSS

2019-12-03 08:15 PM
28
cve
cve

CVE-2019-19458

SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature.

8.6CVSS

6.6AI Score

0.016EPSS

2019-12-03 08:15 PM
28
cve
cve

CVE-2019-19459

An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server.

9.8CVSS

7.2AI Score

0.033EPSS

2019-12-03 08:15 PM
28
cve
cve

CVE-2019-19460

An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to e...

5.5CVSS

6.4AI Score

0.033EPSS

2019-12-03 07:15 PM
30