Marvalglobal Marval Msm — known CVE vulnerabilities
Every CVE whose affected-product data names Marvalglobal Marval Msm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-31885 — CVSS 9.8 (critical): Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of VBScripts.
CVE-2022-31887 — CVSS 9.8 (critical): Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker to change any user's password in the…
CVE-2022-31883 — CVSS 8.8 (high): Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability. A low privilege user is able to see other users…
CVE-2022-31884 — CVSS 6.5 (medium): Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which allows a low privilege user to delete other users API Keys…
CVE-2022-31886 — CVSS 6.5 (medium): Marval MSM v14.19.0.12476 is vulnerable to Cross Site Request Forgery (CSRF). An attacker can disable the 2FA by sending the user a…