Vulnerabilities (CVE)

Filtered by vendor Lynxspring Subscribe
Filtered by product Jenesys Bas Bridge
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-8378 1 Lynxspring 1 Jenesys Bas Bridge 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials.
CVE-2016-8369 1 Lynxspring 1 Jenesys Bas Bridge 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request (CROSS-SITE REQUEST FORGERY).
CVE-2016-8361 1 Lynxspring 1 Jenesys Bas Bridge 2024-11-21 7.5 HIGH 8.6 HIGH
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication.
CVE-2016-8357 1 Lynxspring 1 Jenesys Bas Bridge 2024-11-21 5.5 MEDIUM 7.1 HIGH
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application.