Vulnerabilities (CVE)

Filtered by vendor Efacec Subscribe
Filtered by product Uc 500e
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-50706 1 Efacec 2 Uc 500e, Uc 500e Firmware 2024-11-21 N/A 4.1 MEDIUM
A user without administrator permissions with access to the UC500 windows system could perform a memory dump of the running processes and extract clear credentials or valid session tokens.
CVE-2023-50705 1 Efacec 2 Uc 500e, Uc 500e Firmware 2024-11-21 N/A 5.3 MEDIUM
An attacker could create malicious requests to obtain sensitive information about the web server.
CVE-2023-50704 1 Efacec 2 Uc 500e, Uc 500e Firmware 2024-11-21 N/A 4.3 MEDIUM
An attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application users.
CVE-2023-50703 1 Efacec 2 Uc 500e, Uc 500e Firmware 2024-11-21 N/A 6.3 MEDIUM
An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application.