Ipswitch Luki w zabezpieczeniach

Oś czasu

Rodzaj

Mail Server Software	50
Not Defined	29
File Transfer Software	29
Network Management Software	27
Groupware Software	11

Produkt

Ipswitch IMail	37
Ipswitch WS_FTP Server	19
Ipswitch Whatsup Gold	11
Ipswitch Ipswitch Collaboration Suite	10
Ipswitch WhatsUp Professional	8

Przeciwdziałanie

Official Fix	94
Temporary Fix	0
Workaround	3
Unavailable	5
Not Defined	44

Wykorzystywanie

High	12
Functional	1
Proof-of-Concept	75
Unproven	2
Not Defined	56

Wektor dostępu

Not Defined	0
Physical	0
Local	12
Adjacent	2
Network	132

Uwierzytelnianie

Not Defined	0
High	1
Low	25
None	120

Interakcja z użytkownikiem

Not Defined	0
Required	21
None	125

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	7
≤5	17
≤6	38
≤7	17
≤8	40
≤9	11
≤10	16

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	10
≤5	28
≤6	31
≤7	38
≤8	14
≤9	17
≤10	8

VulDB

≤1	0
≤2	0
≤3	0
≤4	7
≤5	18
≤6	38
≤7	16
≤8	49
≤9	2
≤10	16

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	3
≤7	5
≤8	2
≤9	2
≤10	10

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	19
<2k	43
<5k	77
<10k	0
<25k	2
<50k	4
<100k	1
≥100k	0

Wykorzystaj dzisiaj

<1k	146
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (28): Collaboration Suite (1), IMAIL (1), IMail (41), IMail Express (1), IMail Server (6), Imail (1), Instant Messaging (3), Ipswitch Collaboration Suite (10), MOVEit DMZ (4), MOVEit File Transfer (1), MOVEit Mobile (2), MOVEit Transfer (1), MoveIT (1), MoveIt (1), Server (1), WS FTP Server (10), WS_FTP (9), WS_FTP Home client (1), WS_FTP Pro (5), WS_FTP Server (19), WhatsUp (2), WhatsUp Gold (3), WhatsUp Professional (10), WhatsUp Small Business (1), Whatsup Gold (11), WinCOM LPD (1), Ws Ftp Home (1), switch (1)

Link to Vendor Website: https://www.ipswitch.com/

Opublikowano	Base	Temp	Słaby punkt	Prod	Wyk	Prz	EPSS	CTI	CVE
2023-05-11	3.5	3.5	Ipswitch MoveIT API cross site scripting	Nieznany	Not Defined	Not Defined	0.00074	0.00	CVE-2023-30394
2019-06-11	8.2	7.8	Ipswitch WS_FTP Server SSHServerAPI.dll directory traversal	File Transfer Software	Not Defined	Official Fix	0.00094	0.02	CVE-2019-12146
2019-06-11	7.4	7.1	Ipswitch WS_FTP Server SSHServerAPI.dll directory traversal	File Transfer Software	Not Defined	Official Fix	0.00094	0.00	CVE-2019-12145
2019-06-11	8.5	8.2	Ipswitch WS_FTP Server SSHServerAPI.dll directory traversal	File Transfer Software	Not Defined	Official Fix	0.00538	0.02	CVE-2019-12144
2019-06-11	6.3	6.1	Ipswitch WS_FTP Server SSHServerAPI.dll directory traversal	File Transfer Software	Not Defined	Official Fix	0.00096	0.00	CVE-2019-12143
2018-05-01	8.5	8.2	Ipswitch Whatsup Gold NmAPI.exe privilege escalation	Network Management Software	Not Defined	Official Fix	0.00102	0.02	CVE-2018-8939
2018-05-01	8.5	8.2	Ipswitch Whatsup Gold SNMP MIB File DlgSelectMibFile.asp privilege escalation	Network Management Software	Not Defined	Official Fix	0.00068	0.00	CVE-2018-8938
2018-02-02	5.2	5.2	Ipswitch MoveIt human.aspx Stored cross site scripting	Nieznany	Not Defined	Not Defined	0.00115	0.03	CVE-2018-6545
2018-01-24	8.5	8.2	Ipswitch Whatsup Gold Legacy ASP Page sql injection	Network Management Software	Not Defined	Official Fix	0.00086	0.00	CVE-2018-5778
2018-01-24	8.5	8.2	Ipswitch Whatsup Gold TFTP Server privilege escalation	Network Management Software	Not Defined	Official Fix	0.00090	0.04	CVE-2018-5777
2017-11-03	6.8	6.1	Ipswitch WS_FTP Pro Search memory corruption	Nieznany	Proof-of-Concept	Official Fix	0.00310	0.03	CVE-2017-16513
2017-10-03	8.5	8.5	Ipswitch IMail Server IMmailSrv memory corruption	Mail Server Software	Not Defined	Not Defined	0.01075	0.00	CVE-2017-12639
2017-10-03	8.5	8.5	Ipswitch IMail Server IMmailSrv memory corruption	Mail Server Software	Not Defined	Not Defined	0.01075	0.00	CVE-2017-12638
2017-05-18	8.5	8.5	Ipswitch MOVEit DMZ/MOVEit Transfer sql injection	Nieznany	Not Defined	Not Defined	0.00134	0.01	CVE-2017-6195
2016-10-06	7.5	7.2	Ipswitch Whatsup Gold WrFreeFormText.asp Blind sql injection	Network Management Software	Not Defined	Official Fix	0.00051	0.02	CVE-2016-1000000
2016-10-06	6.3	6.3	Ipswitch Whatsup Gold WrFreeFormText.asp Blind sql injection	Network Management Software	Not Defined	Not Defined	0.00000	0.02	CVE-2016-10000
2016-04-15	5.4	5.4	Ipswitch MOVEit File Transfer File View on Download cross site scripting	File Transfer Software	Not Defined	Not Defined	0.00069	0.00	CVE-2015-7676
2016-02-10	5.3	5.2	Ipswitch MOVEit DMZ SOAP Request machine.aspx User information disclosure	Nieznany	Not Defined	Official Fix	0.00335	0.00	CVE-2015-7680
2016-02-10	6.1	5.9	Ipswitch MOVEit Mobile cross site scripting	Nieznany	Not Defined	Official Fix	0.00142	0.02	CVE-2015-7679
2016-02-10	8.8	8.8	Ipswitch MOVEit Mobile cross site request forgery	Nieznany	Not Defined	Not Defined	0.00126	0.00	CVE-2015-7678
2016-02-10	4.3	4.2	Ipswitch MOVEit DMZ MOVEitSAPI Service MOVEitISAPI.dll information disclosure	Nieznany	Not Defined	Official Fix	0.00095	0.00	CVE-2015-7677
2016-02-10	6.5	6.3	Ipswitch MOVEit DMZ Send Attachment Feature information disclosure	Nieznany	Not Defined	Official Fix	0.00121	0.02	CVE-2015-7675
2016-01-08	9.8	9.3	Ipswitch Whatsup Gold SOAP Request DroneDeleteOldMeasurements sql injection	Network Management Software	Proof-of-Concept	Official Fix	0.00075	0.00	CVE-2015-8261
2015-12-27	6.9	6.7	Ipswitch Whatsup Gold cross site scripting	Network Management Software	Proof-of-Concept	Official Fix	0.00115	0.00	CVE-2015-6005
2015-12-27	6.5	6.3	Ipswitch Whatsup Gold WrFreeFormText.asp sql injection	Network Management Software	Proof-of-Concept	Official Fix	0.00306	0.00	CVE-2015-6004

Ipswitch Luki w zabezpieczeniach

Oś czasu

Rodzaj

Produkt

Przeciwdziałanie

Wykorzystywanie

Wektor dostępu

Uwierzytelnianie

Interakcja z użytkownikiem

C3BM Index

CVSSv3 Base

CVSSv3 Temp

VulDB

NVD

CNA

Sprzedawca

Research

Exploit 0-day

Wykorzystaj dzisiaj

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

🔒 Login Required

Are you interested in using VulDB?