Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Unit4 Subscribe
Filtered by product Mik.starlight
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-36232 1 Unit4 1 Mik.starlight 2022-05-03 6.5 MEDIUM 8.8 HIGH
Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges.
CVE-2021-36233 1 Unit4 1 Mik.starlight 2021-09-08 4.0 MEDIUM 6.5 MEDIUM
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path.
CVE-2021-36234 1 Unit4 1 Mik.starlight 2021-09-08 2.1 LOW 5.5 MEDIUM
Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors.
CVE-2021-36231 1 Unit4 1 Mik.starlight 2021-09-08 9.0 HIGH 8.8 HIGH
Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects.