Wbsairback White Bear Solutions
16 CVEs affecting Wbsairback White Bear Solutions. Latest disclosed: 2024-05-14. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-3781 | Critical | 9.1 | 2024-04-15 | Command injection vulnerability in the operating system. Improper neutralisation of special elements in Active Directory integration allows the intended comman… |
CVE-2024-3782 | High | 8.8 | 2024-04-15 | Cross-Site Request Forgery vulnerability in WBSAirback 21.02.04, which could allow an attacker to create a manipulated HTML form to perform privileged actions… |
CVE-2024-3783 | High | 7.7 | 2024-04-15 | The Backup Agents section in WBSAirback 21.02.04 is affected by a Path Traversal vulnerability, allowing a user with low privileges to download files from the… |
CVE-2024-3788 | Medium | 6.6 | 2024-05-14 | Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through License (/admin/CDPUsers). Exploitation of… |
CVE-2024-3787 | Medium | 6.6 | 2024-05-14 | Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 disks (/admin/DeviceS3). Exploitation of… |
CVE-2024-3786 | Medium | 6.6 | 2024-04-15 | Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device Synchronizations (/admin/DeviceRepli… |
CVE-2024-3785 | Medium | 6.6 | 2024-04-15 | Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device NAS shared section (/admin/DeviceNAS… |
CVE-2024-3784 | Medium | 6.6 | 2024-04-15 | Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 Accounts (/admin/CloudAccounts). Exploit… |
CVE-2024-3789 | Medium | 6.5 | 2024-05-14 | Uncontrolled resource consumption vulnerability in White Bear Solutions WBSAirback, version 21.02.04. This vulnerability could allow an attacker to send multip… |
CVE-2024-3796 | Medium | 4.8 | 2024-05-14 | Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/BackupSchedule, description field. Exploitation of t… |
CVE-2024-3795 | Medium | 4.8 | 2024-05-14 | Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/BackupTemplate, name / description fields. Exploitat… |
CVE-2024-3794 | Medium | 4.8 | 2024-05-14 | Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/AdvancedSystem, description field, all parameters. E… |
CVE-2024-3793 | Medium | 4.8 | 2024-05-14 | Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/CloudAccounts, account name / user password / server… |
CVE-2024-3792 | Medium | 4.8 | 2024-05-14 | Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/DeviceReplication, execution range field, all parame… |
CVE-2024-3791 | Medium | 4.8 | 2024-05-14 | Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/SystemConfiguration, name / free memory limit fields… |
CVE-2024-3790 | Medium | 4.8 | 2024-05-14 | Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/SystemUsers, login / description fields, passwd1/ pa… |