lws 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
Historical issues mainly involve vendor risk csrf and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-43962 | Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4. | [email protected] | 5.4 | 0.45% | 2024-11-01 | 2024-11-08 |
| CVE-2023-27453 | Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugin <= 2.3.1 versions. | [email protected] | 5.4 | 0.30% | 2023-11-22 | 2024-11-21 |
| CVE-2023-34025 | Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Hide Login plugin <= 2.1.6 versions. | [email protected] | 5.4 | 0.30% | 2023-11-09 | 2026-04-28 |
| CVE-2023-35774 | Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugin <= 2.4.1 versions. | [email protected] | 5.4 | 0.21% | 2023-07-11 | 2024-11-21 |
| CVE-2023-35781 | Cross-Site Request Forgery (CSRF) vulnerability in LWS Cleaner plugin <= 2.3.0 versions. | [email protected] | 5.4 | 0.21% | 2023-07-11 | 2024-11-21 |