Liveboxcloud Vdesk
13 CVEs affecting Liveboxcloud Vdesk. Latest disclosed: 2024-06-10. Critical: 3, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-45174 | Critical | 9.8 | 2023-04-14 | An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication for SAML Users can occur under the /login/backup_cod… |
CVE-2022-45173 | Critical | 9.8 | 2023-04-14 | An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /api/v1/vdeskintegration/challen… |
CVE-2022-45172 | Critical | 9.8 | 2023-01-31 | An issue was discovered in LIVEBOX Collaboration vDesk before v018. Broken Access Control can occur under the /api/v1/registration/validateEmail endpoint, the… |
CVE-2022-45171 | High | 8.8 | 2024-05-28 | An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Unrestricted Upload of a File with a Dangerous Type can occur under the vShare web site… |
CVE-2022-45178 | High | 8.8 | 2023-04-14 | An issue was discovered in LIVEBOX Collaboration vDesk through v018. Broken Access Control exists under the /api/v1/vdeskintegration/saml/user/createorupdate e… |
CVE-2022-45177 | High | 7.5 | 2024-02-21 | An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response Discrepancy can occur under the /api/v1/vdeskintegration/user/isena… |
CVE-2022-45168 | Medium | 6.5 | 2024-06-10 | An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /login/backup_code endpoint and… |
CVE-2022-45180 | Medium | 6.5 | 2023-04-14 | An issue was discovered in LIVEBOX Collaboration vDesk through v018. Broken Access Control exists under the /api/v1/vdesk_{DOMAIN]/export endpoint. A malicious… |
CVE-2022-45175 | Medium | 6.5 | 2023-04-14 | An issue was discovered in LIVEBOX Collaboration vDesk through v018. An Insecure Direct Object Reference can occur under the 5.6.5-3/doc/{ID-FILE]/c/{N]/{C]/we… |
CVE-2022-45170 | Medium | 6.5 | 2023-04-14 | An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malici… |
CVE-2022-45176 | Medium | 5.4 | 2024-06-10 | An issue was discovered in LIVEBOX Collaboration vDesk through v018. Stored Cross-site Scripting (XSS) can occur under the /api/v1/getbodyfile endpoint via the… |
CVE-2022-45179 | Medium | 5.4 | 2024-02-21 | An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate en… |
CVE-2022-45169 | Medium | 5.4 | 2024-02-21 | An issue was discovered in LIVEBOX Collaboration vDesk through v031. A URL Redirection to an Untrusted Site (Open Redirect) can occur under the /api/v1/notific… |