Ixpdata Easyinstall

13 CVEs affecting Ixpdata Easyinstall. Latest disclosed: 2023-10-19. Critical: 3, High: 9.

Top CVEs affecting Ixpdata Easyinstall
CVESeverityScorePublishedSummary
CVE-2019-19896Critical9.92020-01-23In IXP EasyInstall 6.2.13723, there is Remote Code Execution via weak permissions on the Engine Service share. The default file permissions of the IXP$ share o…
CVE-2023-30131Critical9.82023-10-19An issue discovered in IXP EasyInstall 6.6.14884.0 allows attackers to run arbitrary commands, gain escalated privilege, and cause other unspecified impacts vi…
CVE-2019-19897Critical9.82020-01-23In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. An unauthenticated attacker can communicate with the Agent Service over TCP…
CVE-2022-35120High8.82022-12-01IXPdata EasyInstall 6.6.14725 contains an access control issue.
CVE-2023-27791High8.12023-10-19An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG.
CVE-2023-30132High7.82023-10-19An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated privileges via static Cryptographic Key.
CVE-2023-27795High7.82023-10-19An issue found in IXP Data Easy Install v.6.6.14884.0 allows a local attacker to gain privileges via a static XOR key.
CVE-2023-27793High7.82023-10-19An issue discovered in IXP Data Easy Install v.6.6.14884.0 allows local attackers to gain escalated privileges via weak encoding of sensitive information.
CVE-2023-27792High7.82023-10-19An issue found in IXP Data Easy Install v.6.6.14884.0 allows an attacker to escalate privileges via lack of permissions applied to sub directories.
CVE-2019-19895High7.82020-01-23In IXP EasyInstall 6.2.13723, there is Lateral Movement (using the Agent Service) against other users on a client system. An authenticated attacker can, by mod…
CVE-2019-19898High7.52020-01-23In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely.
CVE-2019-19893High7.52020-01-23In IXP EasyInstall 6.2.13723, there is Directory Traversal on TCP port 8000 via the Engine Service by an unauthenticated attacker, who can access the server's…
CVE-2019-19894Medium5.52020-01-23In IXP EasyInstall 6.2.13723, it is possible to temporarily disable UAC by using the Agent Service on a client system. An authenticated attacker (non-admin) ca…