Opswat: >> Metadefender >> 4.20.1 Security Vulnerabilities
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation.
CVSS Score
9.8
EPSS Score
0.164
Published
2022-06-09
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server.
CVSS Score
4.3
EPSS Score
0.007
Published
2022-06-08