Extensis: >> Portfolio >> 4.0 Security Vulnerabilities
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload function.
CVSS Score
8.8
EPSS Score
0.007
Published
2022-03-01
An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file.
CVSS Score
8.8
EPSS Score
0.022
Published
2022-03-01
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet.
CVSS Score
8.8
EPSS Score
0.007
Published
2022-03-01
An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file.
CVSS Score
8.8
EPSS Score
0.026
Published
2022-03-01
Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-03-01