Ixpdata Easyinstall
13 CVEs affecting Ixpdata Easyinstall. Latest disclosed: 2023-10-19. Critical: 3, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-19896 | Critical | 9.9 | 2020-01-23 | In IXP EasyInstall 6.2.13723, there is Remote Code Execution via weak permissions on the Engine Service share. The default file permissions of the IXP$ share o… |
CVE-2023-30131 | Critical | 9.8 | 2023-10-19 | An issue discovered in IXP EasyInstall 6.6.14884.0 allows attackers to run arbitrary commands, gain escalated privilege, and cause other unspecified impacts vi… |
CVE-2019-19897 | Critical | 9.8 | 2020-01-23 | In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. An unauthenticated attacker can communicate with the Agent Service over TCP… |
CVE-2022-35120 | High | 8.8 | 2022-12-01 | IXPdata EasyInstall 6.6.14725 contains an access control issue. |
CVE-2023-27791 | High | 8.1 | 2023-10-19 | An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG. |
CVE-2023-30132 | High | 7.8 | 2023-10-19 | An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated privileges via static Cryptographic Key. |
CVE-2023-27795 | High | 7.8 | 2023-10-19 | An issue found in IXP Data Easy Install v.6.6.14884.0 allows a local attacker to gain privileges via a static XOR key. |
CVE-2023-27793 | High | 7.8 | 2023-10-19 | An issue discovered in IXP Data Easy Install v.6.6.14884.0 allows local attackers to gain escalated privileges via weak encoding of sensitive information. |
CVE-2023-27792 | High | 7.8 | 2023-10-19 | An issue found in IXP Data Easy Install v.6.6.14884.0 allows an attacker to escalate privileges via lack of permissions applied to sub directories. |
CVE-2019-19895 | High | 7.8 | 2020-01-23 | In IXP EasyInstall 6.2.13723, there is Lateral Movement (using the Agent Service) against other users on a client system. An authenticated attacker can, by mod… |
CVE-2019-19898 | High | 7.5 | 2020-01-23 | In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely. |
CVE-2019-19893 | High | 7.5 | 2020-01-23 | In IXP EasyInstall 6.2.13723, there is Directory Traversal on TCP port 8000 via the Engine Service by an unauthenticated attacker, who can access the server's… |
CVE-2019-19894 | Medium | 5.5 | 2020-01-23 | In IXP EasyInstall 6.2.13723, it is possible to temporarily disable UAC by using the Agent Service on a client system. An authenticated attacker (non-admin) ca… |