Idera Uptime Infrastructure Monitor — known CVE vulnerabilities
Every CVE whose affected-product data names Idera Uptime Infrastructure Monitor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2017-11471 — CVSS 9.8 (critical): IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.
CVE-2015-9263 — CVSS 9.8 (critical): An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13). It allows an attacker to…
CVE-2017-11470 — CVSS 9.8 (critical): IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.
CVE-2015-8268 — CVSS 7.5 (high): The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 on Linux allows remote attackers to read arbitrary files via…
CVE-2015-2895 — CVSS 7.3 (high): Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow remote attackers to execute arbitrary code via…
CVE-2015-2894 — CVSS 5.3 (medium): Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a…
CVE-2015-2896 — CVSS 5.3 (medium): The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS…