Lynxspring

Jenesys Bas Bridge

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.6

CVE-2016-8361

  • EPSS 0.38%
  • Veröffentlicht 13.02.2017 21:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication.

8.8

CVE-2016-8369

  • EPSS 0.12%
  • Veröffentlicht 13.02.2017 21:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request (CROSS-SITE REQUEST FORGERY).

9.8

CVE-2016-8378

  • EPSS 0.5%
  • Veröffentlicht 13.02.2017 21:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials.

7.1

CVE-2016-8357

  • EPSS 0.2%
  • Veröffentlicht 13.02.2017 21:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to ma...