Fit2cloud Cloudexplorer Lite — known CVE vulnerabilities
Every CVE whose affected-product data names Fit2cloud Cloudexplorer Lite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2023-38692 — CVSS 9.8 (critical): CloudExplorer Lite is an open source, lightweight cloud management platform. Versions prior to 1.3.1 contain a command injection…
CVE-2023-3423 — CVSS 8.8 (high): Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0.
CVE-2023-2845 — CVSS 8.1 (high): Improper Access Control in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.
CVE-2023-50612 — CVSS 7.8 (high): Insecure Permissions vulnerability in fit2cloud Cloud Explorer Lite version 1.4.1, allow local attackers to escalate privileges and obtain…
CVE-2023-39519 — CVSS 7.5 (high): Cloud Explorer Lite is an open source cloud management platform. Prior to version 1.4.0, there is a risk of sensitive information leakage…
CVE-2023-42147 — CVSS 7.5 (high): An issue in CloudExplorer Lite 1.3.1 allows an attacker to obtain sensitive information via the login key component.
CVE-2023-44397 — CVSS 7.5 (high): CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer…
CVE-2023-34240 — CVSS 6.5 (medium): Cloudexplorer-lite is an open source cloud software stack. Weak passwords can be easily guessed and are an easy target for brute force…
CVE-2023-2844 — CVSS 4.9 (medium): Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0.