Mik.starlight Security Vulnerabilities and Issues — Mik.starlight CVE List

Lucene search

Unit4Mik.starlight

4 matches found

CVE•added 2021/08/31 6:15 p.m.•34 views

CVE-2021-36231

Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects.

9CVSS8.8AI score0.01102EPSS

CVE•added 2021/08/31 6:15 p.m.•33 views

CVE-2021-36232

Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges.

8.8CVSS8.7AI score0.00432EPSS

CVE•added 2021/08/31 6:15 p.m.•32 views

CVE-2021-36234

Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors.

5.5CVSS5.3AI score0.00046EPSS

CVE•added 2021/08/31 6:15 p.m.•30 views

CVE-2021-36233

The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path.

6.5CVSS6.2AI score0.00422EPSS