Smartbear Zephyr Enterprise — known CVE vulnerabilities
Every CVE whose affected-product data names Smartbear Zephyr Enterprise, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-22889 — CVSS 9.8 (critical): SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution…
CVE-2023-22891 — CVSS 8.1 (high): There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users…
CVE-2023-22890 — CVSS 7.5 (high): SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space…
CVE-2023-22892 — CVSS 7.5 (high): There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by…