Known Vulnerabilities
CVE-2024-28020
A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use the passwords and login information through complex routines to extend access on the server and other services.
HIGH
CVSS 8.0
Published Jun 11, 2024
CVE-2024-28024
A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in cleartext within a resource that might be accessible to another control sphere.
MEDIUM
CVSS 4.1
Published Jun 11, 2024
CVE-2024-28022
A vulnerability exists in the UNEM server / APIGateway that if exploited allows a malicious user to perform an arbitrary number of authentication attempts using different passwords, and eventually gain access to other components in the same security realm using the targeted account.
MEDIUM
CVSS 6.5
Published Jun 11, 2024