Vulnerabilities (CVE)

Filtered by vendor Esds.co Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-37569 1 Esds.co 1 Emagic Data Center Management 2024-02-28 N/A 8.8 HIGH
This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on targeted system.
CVE-2023-37570 1 Esds.co 1 Emagic Data Center Management 2024-02-28 N/A 8.8 HIGH
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system.