Vulnerabilities (CVE)

Filtered by vendor Nask Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-7267 1 Nask 1 Ezd Rp 2024-11-21 N/A 6.5 MEDIUM
Exposure of Sensitive Information vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to retrieve information about IP infrastructure and credentials. This issue affects EZD RP all versions before 19.6
CVE-2024-7266 1 Nask 1 Ezd Rp 2024-10-10 N/A 4.3 MEDIUM
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to list all users in the system, including those from other organizations. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2.
CVE-2024-7265 1 Nask 1 Ezd Rp 2024-10-10 N/A 8.8 HIGH
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2.