Vulnerabilities (CVE)

Filtered by vendor Otris Subscribe
Filtered by product Update Manager
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40376 1 Otris 1 Update Manager 2024-11-21 7.2 HIGH 7.8 HIGH
otris Update Manager 1.2.1.0 allows local users to achieve SYSTEM access via unauthenticated calls to exposed interfaces over a .NET named pipe. A remote attack may be possible as well, by leveraging WsHTTPBinding for HTTP traffic on TCP port 9000.