Vulnerabilities (CVE)

Filtered by vendor Microchip Subscribe
Filtered by product Syncserver S200
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9031 1 Microchip 10 Syncserver S100, Syncserver S100 Firmware, Syncserver S200 and 7 more 2024-02-04 6.4 MEDIUM 6.5 MEDIUM
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php.
CVE-2020-9032 1 Microchip 10 Syncserver S100, Syncserver S100 Firmware, Syncserver S200 and 7 more 2024-02-04 6.4 MEDIUM 6.5 MEDIUM
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to kernlog.php.
CVE-2020-9034 1 Microchip 10 Syncserver S100, Syncserver S100 Firmware, Syncserver S200 and 7 more 2024-02-04 5.0 MEDIUM 7.5 HIGH
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices mishandle session validation, leading to unauthenticated creation, modification, or elimination of users.
CVE-2020-9028 1 Microchip 10 Syncserver S100, Syncserver S100 Firmware, Syncserver S200 and 7 more 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenance" screen (when creating a new user).
CVE-2020-9029 1 Microchip 10 Syncserver S100, Syncserver S100 Firmware, Syncserver S200 and 7 more 2024-02-04 6.4 MEDIUM 6.5 MEDIUM
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php.
CVE-2020-9030 1 Microchip 10 Syncserver S100, Syncserver S100 Firmware, Syncserver S200 and 7 more 2024-02-04 6.4 MEDIUM 6.5 MEDIUM
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to the syslog.php.
CVE-2020-9033 1 Microchip 10 Syncserver S100, Syncserver S100 Firmware, Syncserver S200 and 7 more 2024-02-04 6.4 MEDIUM 6.5 MEDIUM
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to authlog.php.