Every CVE whose affected-product data names Device42 Cmdb, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-1399 — CVSS 9.1 (critical): An Argument Injection or Modification vulnerability in the "Change Secret" username field as used in the Discovery component of Device42…
CVE-2022-1410 — CVSS 8.0 (high): OS Command Injection vulnerability in the db_optimize component of Device42 Asset Management Appliance allows an authenticated attacker to…
CVE-2022-1400 — CVSS 7.1 (high): Use of Hard-coded Cryptographic Key vulnerability in the WebReportsApi.dll of Exago Web Reports, as used in the Device42 Asset Management…
CVE-2022-1401 — CVSS 6.9 (medium): Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an…