Research & Development
$ #

Our findings

Publicly disclosed vulnerabilities discovered by STM team.

Vulnerability ID CVSS3.1 Product / Vulnerability name
CVE-2022-30874

4.8 (Medium)

NukeViet CMS

Stored XSS in menu item link

CVE-2021-37421

5.3 (Medium)

ManageEngine ADSelfService Plus

Admin portal access restriction bypass via X-Forwarded-For header

CVE-2021-37420

6.5 (Medium)

ManageEngine ADSelfService Plus

E-mail MIME injection in /RestAPI/PasswordSelfServiceAPI endpoint

CVE-2021-37419

8.6 (High)

ManageEngine ADSelfService Plus

SSRF vulnerability in /servlet/ADSHACluster endpoint

CVE-2021-37417

5.3 (Medium)

ManageEngine ADSelfService Plus

CAPTCHA bypass in login form via EXCLUDE_CAPTCHA parameter

CVE-2021-37416

6.1 (Medium)

ManageEngine ADSelfService Plus

Reflected XSS in LoadFrame page via single_signout parameter

CVE-2021-33055

8.1 (High)

ManageEngine ADSelfService Plus

Unauthenticated and authenticated RCE via PowerShell injection - system locale dependant

CVE-2021-31874

9.1 (Critical)

ManageEngine ADSelfService Plus

Retrieval of linked databases credentials via HOST_NAME parameter manipulation

CVE-2021-28958

9.8 (Critical)

ManageEngine ADSelfService Plus

Unauthenticated RCE in password change function

CVE-2021-20574

8.7 (High)

IBM Security Identity Manager Windows Password Synch Plug-in

LDAP Injection leading to account takeover

CVE-2021-20573

5.7 (Medium)

IBM Security Identity Manager Windows Password Synch Plug-in

Heap overflow leading to domain controller denial of service

CVE-2021-20572

5.7 (Medium)

IBM Security Identity Manager Windows Password Synch Plug-in

Stack overflow leading to domain controller denial of service

CVE-2021-2053

6.1 (Medium)

Oracle Enterprise Manager

Reflected Cross-Site Scripting in "target" query parameter

CVE-2020-4702

6.4 (Medium)

IBM InfoSphere (Metadata Asset Manager)

Stored cross-site scripting

CVE-2020-4632

5.7 (Medium)

IBM InfoSphere (Metadata Asset Manager)

Server-side request forgery

CVE-2022-22323TBATBA
CVE-2022-22312TBATBA
CVE-2021-37424TBATBA
CVE-2021-37423TBATBA
CVE-2021-37422TBATBA