Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2023-0746

Disclosure Date: February 24, 2023 (last updated October 08, 2023)
The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-23249

Disclosure Date: January 05, 2021 (last updated February 22, 2025)
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-23250

Disclosure Date: January 05, 2021 (last updated February 22, 2025)
GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database.
Attack Vector: LocalPrivileges: HighUser Interaction: None
0
0