Accellion Kiteworks Appliance — known CVE vulnerabilities
Every CVE whose affected-product data names Accellion Kiteworks Appliance, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2016-5662 — CVSS 7.8 (high): Accellion Kiteworks appliances before kw2016.03.00 use setuid-root permissions for /opt/bin/cli, which allows local users to gain…
CVE-2016-5663 — CVSS 6.1 (medium): Multiple cross-site scripting (XSS) vulnerabilities in oauth_callback.php on Accellion Kiteworks appliances before kw2016.03.00 allow…
CVE-2016-5664 — CVSS 4.3 (medium): Directory traversal vulnerability on Accellion Kiteworks appliances before kw2016.03.00 allows remote attackers to read files via a crafted…