Shodan
Vulnerabilities
Vulnerable Software
Verint:  Security Vulnerabilities
CVE-2024-36396
Verint - CWE-434: Unrestricted Upload of File with Dangerous Type
CVSS Score
8.8
EPSS Score
0.002
Published
2024-06-13
CVE-2024-36395
Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CVSS Score
6.1
EPSS Score
0.001
Published
2024-06-13
CVE-2023-33257
Verint Engagement Management 15.3 Update 2023R2 is vulnerable to HTML injection via the user data form in the live chat.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-08-02
CVE-2020-12744
The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-10-20
CVE-2021-36450
Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter.
CVSS Score
6.1
EPSS Score
0.251
Published
2021-12-15
CVE-2021-41825
Verint Workforce Optimization (WFO) 15.2.5.1033 allows HTML injection via the /wfo/control/signin username parameter.
CVSS Score
5.3
EPSS Score
0.006
Published
2021-10-08
CVE-2020-23446
Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API
CVSS Score
5.3
EPSS Score
0.005
Published
2020-09-22
CVE-2020-24055
Verint 5620PTZ Verint_FW_0_42 and Verint 4320 V4320_FW_0_23, and V4320_FW_0_31 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on port TCP 6666. The service is vulnerable to a stack buffer overflow. It is worth noting that this service does not require any authentication.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-08-21
CVE-2020-24056
A hardcoded credentials vulnerability exists in Verint 5620PTZ Verint_FW_0_42, Verint 4320 V4320_FW_0_23, V4320_FW_0_31, and Verint S5120FD Verint_FW_0_42units. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-08-21
CVE-2020-24057
The management website of the Verint S5120FD Verint_FW_0_42 unit features a CGI endpoint ('ipfilter.cgi') that allows the user to manage network filtering on the unit. This endpoint is vulnerable to a command injection. An authenticated attacker can leverage this issue to execute arbitrary commands as 'root'.
CVSS Score
8.8
EPSS Score
0.212
Published
2020-08-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved