Filtered by vendor Lynxspring
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-8378 | 1 Lynxspring | 1 Jenesys Bas Bridge | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials. | |||||
CVE-2016-8369 | 1 Lynxspring | 1 Jenesys Bas Bridge | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request (CROSS-SITE REQUEST FORGERY). | |||||
CVE-2016-8361 | 1 Lynxspring | 1 Jenesys Bas Bridge | 2024-11-21 | 7.5 HIGH | 8.6 HIGH |
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication. | |||||
CVE-2016-8357 | 1 Lynxspring | 1 Jenesys Bas Bridge | 2024-11-21 | 5.5 MEDIUM | 7.1 HIGH |
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application. |