Damstratechnology Smart Asset — known CVE vulnerabilities
Every CVE whose affected-product data names Damstratechnology Smart Asset, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-26527 — CVSS 9.8 (critical): An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. Cross-origin resource sharing trusts random origins by accepting…
CVE-2020-26525 — CVSS 9.1 (critical): Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter. This allows forcing the database and server to…
CVE-2020-26526 — CVSS 5.3 (medium): An issue was discovered in Damstra Smart Asset 2020.7. It is possible to enumerate valid usernames on the login page. The application sends…