Every CVE whose affected-product data names Battelle V2i Hub, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2018-1000631 — CVSS 9.8 (critical): Battelle V2I Hub 3.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the…
CVE-2018-1000625 — CVSS 9.8 (critical): Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. An attacker could exploit this vulnerability to log…
CVE-2018-1000626 — CVSS 9.8 (critical): Battelle V2I Hub 2.5.1 could allow a remote attacker to bypass security restrictions, caused by the lack of requirement to change the…
CVE-2018-1000627 — CVSS 9.8 (critical): Battelle V2I Hub 2.5.1 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict access to the API…
CVE-2018-1000628 — CVSS 9.8 (critical): Battelle V2I Hub 2.5.1 could allow a remote attacker to bypass security restrictions, caused by the direct checking of the API key against…
CVE-2018-1000624 — CVSS 7.5 (high): Battelle V2I Hub 2.5.1 is vulnerable to a denial of service, caused by the failure to restrict access to a sensitive functionality. By…
CVE-2018-1000630 — CVSS 7.2 (high): Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to…
CVE-2018-1000629 — CVSS 6.1 (medium): Battelle V2I Hub 2.5.1 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by…