Vulnerability Name
Classifications
Severity
Authentication Bypass in Fortra’s GoAnywhere MFT (CVE-2024-0204)
PCI v3.2-6.5.1, CAPEC-114,115, CWE-425, HIPAA-164.306(a), ISO27001-A.13.1.1, WASC-1, OWASP 2013-A9, OWASP 2017-A9, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
High
Authentication Bypass in Ivanti Connect Secure and Policy Secure (CVE-2023-46805)
PCI v3.2-6.5.1, CAPEC-114,115, CWE-287, HIPAA-164.306(a), ISO27001-A.13.1.1, WASC-1, OWASP 2013-A9, OWASP 2017-A9, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
High
Cross-site Scripting
PCI v3.2-6.5.7, CAPEC-19, CWE-79, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
High
Cross-site Scripting (DOM based)
PCI v3.2-6.5.7, CAPEC-19, CWE-79, HIPAA-164.308(a), ISO27001-A.14.2.5, WASC-8, OWASP 2013-A3, OWASP 2017-A7, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
High
Fortigate SSL VPN Arbitrary File reading (CVE-2018-13379)
CWE-22, CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
High