Filtered by vendor Marvell
Subscriptions
Filtered by product Qconvergeconslole Gui
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-5804 | 1 Marvell | 1 Qconvergeconslole Gui | 2024-08-04 | 8.1 High |
| Marvell QConvergeConsole GUI <= 5.5.0.74 is affected by a path traversal vulnerability. The deleteEventLogFile method of the GWTTestServiceImpl class lacks proper validation of a user-supplied path prior to using it in file deletion operations. An authenticated, remote attacker can leverage this vulnerability to delete arbitrary remote files as SYSTEM or root. | ||||
| CVE-2020-5805 | 1 Marvell | 1 Qconvergeconslole Gui | 2024-08-04 | 8.8 High |
| In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users.xml. OS-level users on the QCC host who are not authorized to use QCC may use the plaintext credentials to login to QCC. | ||||
Page 1 of 1.