computrols 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に vendor risk cross-site scripting and vendor risk csrf などに関し、一部は vendor impact data exposure を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2019-10848 | Computrols CBAS 18.0.0 allows Username Enumeration. | [email protected] | 5.3 | 8.49% | 2019-05-24 | 2026-06-17 |
| CVE-2019-10847 | Computrols CBAS 18.0.0 allows Cross-Site Request Forgery. | [email protected] | 8.8 | 2.42% | 2019-05-24 | 2026-06-17 |
| CVE-2019-10850 | Computrols CBAS 18.0.0 has Default Credentials. | [email protected] | 9.8 | 1.95% | 2019-05-23 | 2026-06-17 |
| CVE-2019-10849 | Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure. | [email protected] | 7.5 | 9.01% | 2019-05-23 | 2026-06-17 |
| CVE-2019-10846 | Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter. | [email protected] | 6.1 | 4.66% | 2019-05-23 | 2026-06-17 |
| CVE-2019-10855 | Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database. | [email protected] | 7.5 | 1.00% | 2019-05-23 | 2026-06-17 |
| CVE-2019-10854 | Computrols CBAS 18.0.0 allows Authenticated Command Injection. | [email protected] | 8.8 | 2.99% | 2019-05-23 | 2026-06-17 |
| CVE-2019-10853 | Computrols CBAS 18.0.0 allows Authentication Bypass. | [email protected] | 8.1 | 1.66% | 2019-05-23 | 2026-06-17 |
| CVE-2019-10852 | Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring. | [email protected] | 8.8 | 1.75% | 2019-05-23 | 2026-06-17 |
| CVE-2019-10851 | Computrols CBAS 18.0.0 has hard-coded encryption keys. | [email protected] | 6.5 | 0.67% | 2019-05-23 | 2026-06-17 |