Vulnerabilities (CVE)

Filtered by vendor Accellion Subscribe

Filtered by product Kiteworks

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-31585	1 Accellion	1 Kiteworks	2023-12-10	4.6 MEDIUM	6.7 MEDIUM
Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords that allow local access.
CVE-2021-31586	1 Accellion	1 Kiteworks	2023-12-10	6.5 MEDIUM	8.8 HIGH
Accellion Kiteworks before 7.4.0 allows an authenticated user to perform SQL Injection via LDAPGroup Search.
CVE-2017-9421	1 Accellion	1 Kiteworks	2023-12-10	6.4 MEDIUM	6.5 MEDIUM
Authentication Bypass vulnerability in Accellion kiteworks before 2017.01.00 allows remote attackers to execute certain API calls on behalf of a web user using a gathered token via a POST request to /oauth/token.