Horizoncloud

Caterease

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-38887

Exploit
  • EPSS 4.24%
  • Veröffentlicht 02.08.2024 21:16:30
  • Zuletzt bearbeitet 20.08.2024 16:17:55

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to expand control over the operating system from the database due to the execution of commands with unnecessary...

7.5

CVE-2024-38891

  • EPSS 0.08%
  • Veröffentlicht 02.08.2024 21:16:30
  • Zuletzt bearbeitet 24.02.2026 19:08:57

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information.

6.8

CVE-2024-38888

  • EPSS 0.04%
  • Veröffentlicht 02.08.2024 20:17:00
  • Zuletzt bearbeitet 13.05.2025 14:11:26

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts.

9.8

CVE-2024-38889

  • EPSS 0.33%
  • Veröffentlicht 02.08.2024 20:17:00
  • Zuletzt bearbeitet 20.02.2026 20:39:49

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform SQL Injection due to improper neutralization of special elements used in an SQL command.

7.5

CVE-2024-38881

  • EPSS 0.26%
  • Veröffentlicht 02.08.2024 18:16:19
  • Zuletzt bearbeitet 24.02.2026 19:09:09

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Rainbow Table Password cracking attack due to the use of one-way hashes without salts when storing...

9.8

CVE-2024-38882

  • EPSS 6.6%
  • Veröffentlicht 02.08.2024 18:16:19
  • Zuletzt bearbeitet 24.02.2026 19:09:27

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform command line execution through SQL Injection due to improper neutralization of special elements used...

9.1

CVE-2024-38883

  • EPSS 0.17%
  • Veröffentlicht 02.08.2024 18:16:19
  • Zuletzt bearbeitet 13.05.2025 14:11:20

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation.

7.8

CVE-2024-38884

  • EPSS 0.02%
  • Veröffentlicht 02.08.2024 18:16:19
  • Zuletzt bearbeitet 13.05.2025 14:11:22

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform an Authentication Bypass attack due to improperly implemented security checks for standard authentica...

7.5

CVE-2024-38885

  • EPSS 0.18%
  • Veröffentlicht 02.08.2024 18:16:19
  • Zuletzt bearbeitet 13.05.2025 14:11:24

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials i...

9.8

CVE-2024-38886

  • EPSS 0.86%
  • Veröffentlicht 02.08.2024 18:16:19
  • Zuletzt bearbeitet 24.02.2026 19:08:00

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel.