VULHUB ™

Multiple Janitza UMG products are prone to the following security vulnerabilities: 1. Brute-force authentication-bypass vulnerability 2. Session token generation weakness 3. A hard-coded password security-bypass vulnerability 4. A privilege-escalation vulnerability 5. Multiple cross-site scripting vulnerabilities 6. Multiple HTML-injection vulnerabilities 7. A cross-site request forgery vulnerability and 8. An information-disclosure vulnerability An attacker can exploit these issues to bypass the authentication mechanism and gain unauthorized access, execute attacker-supplied HTML or JavaScript code in the context of the affected site, to steal cookie-based authentication credentials, gain elevated privileges, obtain sensitive information and perform certain unauthorized actions. This may aid in further attacks.

Multiple Janitza UMG products are prone to the following security vulnerabilities: 1. Brute-force authentication-bypass vulnerability 2. Session token generation weakness 3. A hard-coded password security-bypass vulnerability 4. A privilege-escalation vulnerability 5. Multiple cross-site scripting vulnerabilities 6. Multiple HTML-injection vulnerabilities 7. A cross-site request forgery vulnerability and 8. An information-disclosure vulnerability An attacker can exploit these issues to bypass the authentication mechanism and gain unauthorized access, execute attacker-supplied HTML or JavaScript code in the context of the affected site, to steal cookie-based authentication credentials, gain elevated privileges, obtain sensitive information and perform certain unauthorized actions. This may aid in further attacks.