An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
Max CVSS
5.9
EPSS Score
0.13%
Published
2022-06-17
Updated
2022-06-30
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly validate values in HTTP requests, which allows remote attackers to cause a denial of service (resource consumption) via a crafted request.
Max CVSS
5.0
EPSS Score
0.15%
Published
2012-04-13
Updated
2012-04-13
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to cause a denial of service (application exit) via an unspecified command in an HTTP request.
Max CVSS
5.0
EPSS Score
0.27%
Published
2012-04-13
Updated
2012-04-13
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted HTTP request.
Max CVSS
5.0
EPSS Score
0.33%
Published
2012-04-13
Updated
2012-04-13
Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request.
Max CVSS
5.0
EPSS Score
1.35%
Published
2012-04-13
Updated
2012-04-13
Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service (daemon crash) via crafted requests to TCP port 4840.
Max CVSS
5.0
EPSS Score
0.28%
Published
2012-01-19
Updated
2012-01-20
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!