unisys 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は vendor risk csrf、vendor risk ssrf, and vendor risk file inclusion に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で vendor impact unauthorized access and vendor impact session compromise などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-39907 | Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose an unauthenticated WCF SOAP endpoint on TCP port 1208 that accepts unsanitized file paths in the ReadLicense action's LFName parameter, allowing remote attackers to trigger SMB connections and leak NTLMv2 machine-account hashes. Attackers can submit crafted SOAP requests with UNC paths to force the server to initiate outbound SMB connections, exposing authentication credentials that may be relayed for privilege escal | [email protected] | 7.0 | 0.62% | 2026-04-14 | 2026-06-17 |
| CVE-2026-39906 | Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose a deprecated .NET Remoting TCP channel that allows remote unauthenticated attackers to leak NTLMv2 machine-account hashes by supplying a Windows UNC path as a target file argument through object-unmarshalling techniques. Attackers can capture the leaked NTLMv2 hash and relay it to other hosts to achieve privilege escalation or lateral movement depending on network configuration and patch level. | [email protected] | 7.0 | 0.69% | 2026-04-14 | 2026-06-17 |
| CVE-2024-23758 | An issue discovered in Unisys Stealth 5.3.062.0 allows attackers to view sensitive information via the Enterprise ManagementInstaller_msi.log file. | [email protected] | 7.5 | 0.47% | 2024-02-20 | 2026-06-17 |
| CVE-2022-32555 | Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request forgery attack could occur. | [email protected] | 8.8 | 0.29% | 2022-09-13 | 2026-06-17 |
| CVE-2021-43394 | Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated. | [email protected] | 9.8 | 1.17% | 2022-01-24 | 2026-06-17 |
| CVE-2021-45445 | Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop. | [email protected] | 7.5 | 0.97% | 2022-01-12 | 2026-06-17 |
| CVE-2021-43388 | Unisys Cargo Mobile Application before 1.2.29 uses cleartext to store sensitive information, which might be revealed in a backup. The issue is addressed by ensuring that the allowBackup flag (in the manifest) is False. | [email protected] | 7.5 | 0.57% | 2021-12-14 | 2026-06-17 |
| CVE-2021-35056 | Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task. An unintended executable might run. | [email protected] | 6.7 | 0.25% | 2021-07-15 | 2026-06-16 |
| CVE-2020-35542 | Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field. This could be used for an XSS attack. | [email protected] | 5.4 | 0.47% | 2021-04-27 | 2026-06-16 |
| CVE-2021-28492 | Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017.0, and 6.x before 6.0.037.0 stores passwords in a recoverable format. | [email protected] | 4.9 | 0.85% | 2021-04-20 | 2026-06-16 |
| CVE-2021-3141 | In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is stored in a recoverable format that might be accessible by a local attacker, who could gain access to the Management Server and change the Stealth configuration. | [email protected] | 7.8 | 0.22% | 2021-03-18 | 2026-06-17 |
| CVE-2020-24620 | Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable format. Therefore, a search of Enterprise Manager can potentially reveal credentials. | [email protected] | 7.8 | 0.29% | 2020-10-01 | 2026-06-16 |
| CVE-2020-12053 | In Unisys Stealth 3.4.x, 4.x and 5.x before 5.0.026, if certificate-based authorization is used without HTTPS, an endpoint could be authorized without a private key. | [email protected] | 9.8 | 0.68% | 2020-06-22 | 2026-06-16 |
| CVE-2020-12647 | Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 60.0 before 60.0a.5 can emit invalid code sequences under rare circumstances related to syntax. The resulting code could, for example, trigger a system fault or adversely affect confidentiality, integrity, and availability. | [email protected] | 8.8 | 0.40% | 2020-05-20 | 2026-06-16 |
| CVE-2019-18193 | In Unisys Stealth (core) 3.4.108.0, 3.4.209.x, 4.0.027.x and 4.0.114, key material inadvertently logged under certain conditions. Fixed included in 3.4.109, 4.0.027.13, 4.0.125 and 5.0.013.0. | [email protected] | 7.5 | 0.28% | 2020-02-03 | 2026-06-16 |
| CVE-2019-18386 | Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel | [email protected] | 8.7 | 0.79% | 2020-01-07 | 2026-06-16 |
| CVE-2018-7534 | In Stealth Authorization Server before 3.3.017.0 in Unisys Stealth Solution, an encryption key may be left in memory. | [email protected] | 4.7 | 0.16% | 2018-05-30 | 2026-06-16 |
| CVE-2018-8049 | The Stealth endpoint in Unisys Stealth SVG 2.8.x, 3.0.x before 3.0.1999, 3.1.x, 3.2.x before 3.2.030, and 3.3.x before 3.3.016, when running on Linux and AIX, allows remote attackers to cause a denial of service (crash) via crafted packets. | [email protected] | 7.5 | 1.44% | 2018-04-03 | 2026-06-16 |
| CVE-2018-8802 | SQL injection vulnerability in the management interface in ePortal Manager allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | [email protected] | 8.1 | 0.95% | 2018-03-26 | 2026-06-16 |
| CVE-2018-5762 | The TLS implementation in the TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 58.1 before 58.160, 59.1 before 059.1a.17 (IC #17), and 60.0 before 60.044 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. | [email protected] | 5.9 | 1.04% | 2018-02-26 | 2026-06-16 |