Every CVE whose affected-product data names Smartclient, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2020-9352 — CVSS 9.8 (critical): An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a…
CVE-2020-9353 — CVSS 7.5 (high): An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) loadFile provided by the console functionality on the…
CVE-2020-9354 — CVSS 7.5 (high): An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) saveFile provided by the console functionality on the…
CVE-2020-9351 — CVSS 5.3 (medium): An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request to /tools/developerConsoleOperations.jsp…