Inventivetec Mediacast — known CVE vulnerabilities
Every CVE whose affected-product data names Inventivetec Mediacast, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2011-2077 — CVSS 7.5 (high): The default configuration of the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier enables external TCP…
CVE-2011-2079 — CVSS 7.5 (high): MediaCAST 8 and earlier allows remote attackers to have an unspecified impact via a (1) CP_RIGHTSOURCE or (2) bdclient_Inventive cookie to…
CVE-2011-2080 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in MediaCAST 8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) a…
CVE-2011-2081 — CVSS 5.0 (medium): MediaCAST 8 and earlier does not properly handle requests for inventivex/isptools/release/metadata/globalIncludeFolders.txt, which allows…
CVE-2011-2076 — CVSS 5.0 (medium): MediaCAST 8 and earlier stores passwords in cleartext, which makes it easier for context-dependent attackers to obtain sensitive…
CVE-2010-0216 — CVSS 5.0 (medium): authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by…
CVE-2011-2078 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier allow…