Lucene search
K
UntangleNg Firewall

4 matches found

CVE
CVE
added 2019/11/14 2:3 p.m.55 views

CVE-2019-18649

The CVE-2019-18649 entry concerns Untangle NG firewall 14.2.0 where an admin-authenticated user can trigger a stored XSS in the Title input under Reports. Documented impact metrics include CVSS v2 base score 3.5 (LOW) and CVSS v3.1 base score 4.8 (MEDIUM); both indicate potential confidentiality/...

4.8CVSS5AI score0.00523EPSS
CVE
CVE
added 2019/11/14 2:16 p.m.52 views

CVE-2019-18647

CVE-2019-18647 concerns Untangle NG firewall 14.2.0, with an authenticated command injection when logged in as an admin user. The vulnerability is described across multiple sources (NVD, Red Hat advisory, CVE lists) and is classified with high impact (C/H/I/A) and a high base score (CVSS v3.1: 7....

9CVSS7.1AI score0.01869EPSS
CVE
CVE
added 2019/11/14 2:17 p.m.50 views

CVE-2019-18646

Affected product/versions: Untangle NG firewall 14.2.0. Vulnerability: authenticated inline-query SQL injection in the timeDataDynamicColumn parameter when logged in as an admin user. Root cause: improper handling of inline SQL in the affected parameter. Impact: not explicitly quantified beyond t...

7.2CVSS7.2AI score0.00907EPSS
CVE
CVE
added 2019/11/14 2:13 p.m.45 views

CVE-2019-18648

CVE-2019-18648 affects Untangle NG firewall 14.2.0 with a reflected XSS vulnerability exploitable when an administrator is logged in. The weakness is reported at multiple input fields and other input points, enabling injection of malicious scripts via user-supplied data. The provided documents in...

4.8CVSS4.9AI score0.00523EPSS