Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mbconnect24
(Mbconnectline)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 33 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-03-02 | CVE-2020-12529 | An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF in the LDAP access check, allowing an attacker to scan for open ports. | Mbconnect24, Mymbconnect24 | 5.3 | ||
2021-03-02 | CVE-2020-12528 | An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. Improper use of access validation allows a logged in user to kill web2go sessions in the account he should not have access to. | Mbconnect24, Mymbconnect24 | 7.7 | ||
2020-04-14 | CVE-2020-10384 | An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software in all versions through 2.6.1. There is a local privilege escalation from the www-data account to the root account. | Mbconnect24, Mymbconnect24 | 7.8 |