Eginnovations CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-29594	2 Eginnovations, Microsoft	5 Eg Agent, Eg Manager, Eg Rum Collectors and 2 more	2024-11-21	7.8 High
eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM.
CVE-2020-8592	1 Eginnovations	1 Eg Manager	2024-11-21	9.8 Critical
eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet (aka the Forgot Password feature).
CVE-2020-8591	1 Eginnovations	1 Eg Manager	2024-11-21	9.8 Critical
eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLoginServlet?uname=admin&upass=&accessKey=eGm0n1t0r request.

Page 1 of 1.