Loftware Spectrum

8 CVEs affecting Loftware Spectrum. Latest disclosed: 2024-09-10. Critical: 4, High: 4.

Top CVEs affecting Loftware Spectrum
CVESeverityScorePublishedSummary
CVE-2023-37234Critical9.82024-09-10Loftware Spectrum through 4.6 has unprotected JMX Registry.
CVE-2023-37231Critical9.82024-09-10Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password.
CVE-2023-37227Critical9.82024-09-10Loftware Spectrum before 4.6 HF13 Deserializes Untrusted Data.
CVE-2023-37226Critical9.82024-09-10Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.
CVE-2023-37233High8.82024-09-10Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks.
CVE-2023-37230High8.82024-09-10Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF.
CVE-2023-37229High8.82024-09-10Loftware Spectrum before 5.1 allows SSRF.
CVE-2023-37232High7.52024-09-10Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor.