Aggregates CVE and security vulnerability intelligence across all multisuns-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk path handling, with potential vendor impact file overwrite across vendor surface production workloads and vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-48390 | Multisuns EasyLog web+ has a code injection vulnerability. An unauthenticated remote attacker can exploit this vulnerability to inject code and access the system to perform arbitrary system operations or disrupt service. | [email protected] | 9.8 | 1.11% | 2023-12-15 | 2024-11-21 |
| CVE-2023-48389 | Multisuns EasyLog web+ has a path traversal vulnerability within its parameter in a specific URL. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files. | [email protected] | 7.5 | 1.31% | 2023-12-15 | 2024-11-21 |
| CVE-2023-48388 | Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service. | [email protected] | 9.8 | 0.93% | 2023-12-15 | 2024-11-21 |