Aggregates CVE and security vulnerability intelligence across all elvexys-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling and related problems; some flaws may lead to vendor impact file overwrite, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-4780 | ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change. | [email protected] | 4.5 | 0.06% | 2022-12-29 | 2024-11-21 |
| CVE-2022-4779 | StreamX applications from versions 6.02.01 to 6.04.34 are affected by a logic bug that allows to bypass the implemented authentication scheme. StreamX applications using StreamView HTML component with the public web server feature activated are affected. | [email protected] | 7.5 | 0.38% | 2022-12-29 | 2025-04-10 |
| CVE-2022-4778 | StreamX applications from versions 6.02.01 to 6.04.34 are affected by a path traversal vulnerability that allows authenticated users to get unauthorized access to files on the server's filesystem. StreamX applications using StreamView HTML component with the public web server feature activated are affected. | [email protected] | 6.5 | 0.45% | 2022-12-29 | 2025-04-09 |