Aggregates CVE and security vulnerability intelligence across all atvise-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk path handling and vendor risk input validation, with potential vendor impact unexpected behavior and vendor impact file overwrite across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-21184 | An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | [email protected] | 5.9 | 0.10% | 2022-06-17 | 2024-11-21 |
| CVE-2011-4883 | The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly validate values in HTTP requests, which allows remote attackers to cause a denial of service (resource consumption) via a crafted request. | [email protected] | 5.0 | 12.10% | 2012-04-13 | 2026-04-29 |
| CVE-2011-4882 | The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to cause a denial of service (application exit) via an unspecified command in an HTTP request. | [email protected] | 5.0 | 13.72% | 2012-04-13 | 2026-04-29 |
| CVE-2011-4881 | The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted HTTP request. | [email protected] | 5.0 | 52.36% | 2012-04-13 | 2026-04-29 |
| CVE-2011-4880 | Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request. | [email protected] | 5.0 | 16.08% | 2012-04-13 | 2026-04-29 |
| CVE-2011-4873 | Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service (daemon crash) via crafted requests to TCP port 4840. | [email protected] | 5.0 | 0.78% | 2012-01-19 | 2026-04-29 |