Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-34539 | 1 Cubecoders | 1 Amp | 2022-07-12 | 6.5 MEDIUM | 7.2 HIGH |
An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution. | |||||
CVE-2021-31926 | 1 Cubecoders | 1 Amp | 2021-07-28 | 4.0 MEDIUM | 6.5 MEDIUM |
AMP Application Deployment Service in CubeCoders AMP 2.1.x before 2.1.1.2 allows a remote, authenticated user to open ports in the local system firewall by crafting an HTTP(S) request directly to the applicable API endpoint (despite not having permission to make changes to the system's network configuration). |