Vulnerabilities (CVE)

Filtered by vendor Prise Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-15085	1 Prise	1 Adas	2020-08-24	5.0 MEDIUM	7.5 HIGH
An issue was discovered in PRiSE adAS 1.7.0. The current database password is embedded in the change password form.
CVE-2019-15087	1 Prise	1 Adas	2020-08-24	6.5 MEDIUM	7.2 HIGH
An issue was discovered in PRiSE adAS 1.7.0. An authenticated user can change the function used to hash passwords to any function, leading to remote code execution.
CVE-2019-15089	1 Prise	1 Adas	2019-09-20	6.8 MEDIUM	8.8 HIGH
An issue was discovered in PRiSE adAS 1.7.0. Forms have no CSRF protection, letting an attacker execute actions as the administrator.