Every CVE whose affected-product data names Extensis Portfolio, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-24251 — CVSS 8.8 (high): Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload…
CVE-2022-24252 — CVSS 8.8 (high): An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to…
CVE-2022-24253 — CVSS 8.8 (high): Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component…
CVE-2022-24254 — CVSS 8.8 (high): An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to…
CVE-2022-24255 — CVSS 8.8 (high): Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges.