Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Easyinstall
(Ixpdata)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-10-19 | CVE-2023-27795 | An issue found in IXP Data Easy Install v.6.6.14884.0 allows a local attacker to gain privileges via a static XOR key. | Easyinstall | 7.8 | ||
| 2023-10-19 | CVE-2023-30131 | An issue discovered in IXP EasyInstall 6.6.14884.0 allows attackers to run arbitrary commands, gain escalated privilege, and cause other unspecified impacts via unauthenticated API calls. | Easyinstall | 9.8 | ||
| 2023-10-19 | CVE-2023-30132 | An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated privileges via static Cryptographic Key. | Easyinstall | 7.8 | ||
| 2023-10-19 | CVE-2023-27793 | An issue discovered in IXP Data Easy Install v.6.6.14884.0 allows local attackers to gain escalated privileges via weak encoding of sensitive information. | Easyinstall | 7.8 | ||
| 2023-10-19 | CVE-2023-27791 | An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG. | Easyinstall | 8.1 | ||
| 2023-10-19 | CVE-2023-27792 | An issue found in IXP Data Easy Install v.6.6.14884.0 allows an attacker to escalate privileges via lack of permissions applied to sub directories. | Easyinstall | 7.8 | ||
| 2022-12-01 | CVE-2022-35120 | IXPdata EasyInstall 6.6.14725 contains an access control issue. | Easyinstall | 8.8 | ||
| 2020-01-23 | CVE-2019-19894 | In IXP EasyInstall 6.2.13723, it is possible to temporarily disable UAC by using the Agent Service on a client system. An authenticated attacker (non-admin) can disable UAC for other users by renaming and replacing %SYSTEMDRIVE%\IXP\DATA\IXPAS.IXP. | Easyinstall | 5.5 | ||
| 2020-01-23 | CVE-2019-19895 | In IXP EasyInstall 6.2.13723, there is Lateral Movement (using the Agent Service) against other users on a client system. An authenticated attacker can, by modifying %SYSTEMDRIVE%\IXP\SW\[PACKAGE_CODE]\EveryLogon.bat, achieve this movement and execute code in the context of other users. | Easyinstall | 7.8 | ||
| 2020-01-23 | CVE-2019-19898 | In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP port 20050 when using the Administrator console remotely. | Easyinstall | 7.5 |