Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-22892 | 1 Smartbear | 1 Zephyr Enterprise | 2024-11-21 | N/A | 7.5 HIGH |
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances. | |||||
CVE-2023-22891 | 1 Smartbear | 1 Zephyr Enterprise | 2024-11-21 | N/A | 8.1 HIGH |
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts. | |||||
CVE-2023-22890 | 1 Smartbear | 1 Zephyr Enterprise | 2024-11-21 | N/A | 7.5 HIGH |
SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition. | |||||
CVE-2023-22889 | 1 Smartbear | 1 Zephyr Enterprise | 2024-11-21 | N/A | 9.8 CRITICAL |
SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users. |