cbcvebase.

Netgain-Systems Enterprise Manager vulnerabilities

25 known vulnerabilities affecting netgain-systems/enterprise_manager.

Total CVEs
25
CISA KEV
0
Public exploits
0
Exploited in wild
2
Severity breakdown
CRITICAL5HIGH8MEDIUM12

Vulnerabilities

Page 2 of 2
CVE-2017-16591P3MEDIUMCVSS 6.5v7.2.6992018-01-23
CVE-2017-16591 [MEDIUM] CWE-22 CVE-2017-16591: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.699 build 1001. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.restore.do
nvd
CVE-2017-16596P3MEDIUMCVSS 6.5v7.2.7302018-01-23
CVE-2017-16596 [MEDIUM] CWE-22 CVE-2017-16596: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installat This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.designer.s
nvd
CVE-2017-16601P3MEDIUMCVSS 6.5v7.2.7302018-01-23
CVE-2017-16601 [MEDIUM] CWE-22 CVE-2017-16601: This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.template
nvd
CVE-2017-16600P3MEDIUMCVSS 6.5v7.2.7302018-01-23
CVE-2017-16600 [MEDIUM] CWE-22 CVE-2017-16600: This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.network
nvd
CVE-2018-10586P4MEDIUMCVSS 4.8fixed in 10.1.122018-11-01
CVE-2018-10586 [MEDIUM] CWE-79 CVE-2018-10586: NetGain Enterprise Manager (EM) is affected by multiple Stored Cross-Site Scripting (XSS) vulnerabil NetGain Enterprise Manager (EM) is affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities in versions before 10.1.12.
nvd
Netgain-Systems Enterprise Manager vulnerabilities | cvebase