Aggregates CVE and security vulnerability intelligence across all agilepoint-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection and vendor risk path handling, with potential vendor impact file overwrite and vendor impact data exposure across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-31179 | AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal - Vulnerability allows path traversal and downloading files from the server, by an unspecified request. | [email protected] | 6.5 | 0.70% | 2023-05-08 | 2026-06-17 |
| CVE-2023-31178 | AgilePoint NX v8.0 SU2.2 & SU2.3 – Arbitrary File Delete Vulnerability allows arbitrary file deletion, by an unspecified request. | [email protected] | 8.1 | 0.61% | 2023-05-08 | 2026-06-17 |
| CVE-2023-24507 | AgilePoint NX v8.0 SU2.2 & SU2.3 – Insecure File Upload - Vulnerability allows insecure file upload, by an unspecified request. | [email protected] | 8.8 | 0.70% | 2023-05-08 | 2026-06-17 |
| CVE-2022-30619 | Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the parameter: EncodedData | [email protected] | 5.9 | 0.64% | 2022-07-06 | 2026-06-17 |