Reprisesoftware Reprise License Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Reprisesoftware Reprise License Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2021-44152 — CVSS 9.8 (critical): An issue was discovered in Reprise RLM 14.2. Because /goform/change_password_process does not verify authentication or authorization, an…
CVE-2023-43183 — CVSS 8.8 (high): Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change…
CVE-2018-15573 — CVSS 8.8 (high): An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any…
CVE-2021-37500 — CVSS 8.1 (high): Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that allows RLM…
CVE-2018-5716 — CVSS 8.1 (high): An issue was discovered in Reprise License Manager 11.0. This vulnerability is a Path Traversal where the attacker, by changing a field in…
CVE-2023-44031 — CVSS 7.5 (high): Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows attackers to arbitrarily save…
CVE-2021-44151 — CVSS 7.5 (high): An issue was discovered in Reprise RLM 14.2. As the session cookies are small, an attacker can hijack any existing sessions by bruteforcing…
CVE-2021-44154 — CVSS 7.2 (high): An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payload to /goform/edit_opt, which will…
CVE-2021-44153 — CVSS 7.2 (high): An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an option to run…
CVE-2021-37499 — CVSS 6.5 (medium): CRLF vulnerability in Reprise License Manager (RLM) web interface through 14.2BL4 in the password parameter in View License Result…
CVE-2021-37498 — CVSS 6.5 (medium): An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger…
CVE-2022-28363 — CVSS 6.1 (medium): Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/login_process username…
CVE-2025-25939 — CVSS 6.1 (medium): Reprise License Manager 14.2 is vulnerable to reflected cross-site scripting in /goform/activate_process via the akey parameter.
CVE-2021-45422 — CVSS 6.1 (medium): Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process "count"…
CVE-2022-30519 — CVSS 6.1 (medium): XSS in signing form in Reprise Software RLM License Administration v14.2BL4 allows remote attacker to inject arbitrary code via password…
CVE-2018-15574 — CVSS 6.1 (medium): An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It is a cross-site scripting vulnerability…
CVE-2022-28364 — CVSS 5.4 (medium): Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/rlmswitchr_process file…
CVE-2022-28365 — CVSS 5.3 (medium): Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. No…
CVE-2021-44155 — CVSS 5.3 (medium): An issue was discovered in /goform/login_process in Reprise RLM 14.2. When an attacker attempts to login, the response if a username is…