cbcvebase.

Automatedlogic I-Vu vulnerabilities

4 known vulnerabilities affecting automatedlogic/i-vu.

Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2017-9650P3HIGHCVSS 7.8PoC≤ 5.2≤ 5.5+2 more2017-08-25
CVE-2017-9650 [HIGH] CWE-434 CVE-2017-9650: An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporati An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker m
nvd
CVE-2017-9640P3MEDIUMCVSS 6.3PoC≤ 5.2≤ 5.5+1 more2017-08-25
CVE-2017-9640 [MEDIUM] CWE-22 CVE-2017-9640: A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteSc A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to overwrite files that
nvd
CVE-2017-9644P3HIGHCVSS 7.0PoC≤ 5.2≤ 5.5+2 more2017-08-25
CVE-2017-9644 [HIGH] CWE-428 CVE-2017-9644: An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC Web An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An unquoted search path vulnerability may a
nvd
CVE-2016-5795P3HIGHCVSS 7.3≤ 6.52017-08-31
CVE-2016-5795 [HIGH] CWE-611 CVE-2016-5795: An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 an An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior. An attacker could enter malicious input to WebCTRL, i-Vu, or SiteScan Web through a weakly configured XML parser causing the application to execute arbitrary code or discl
nvd