Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

pcvuesolutions

Source -

NVD

BOS Name -

PcVue (ARC Informatique)

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated ProductsRelated AssignersReports
3Vulnerabilities found
CVE-2020-26867
Assigner-Kaspersky
ShareView Details
Assigner-Kaspersky
CVSS Score-9.8||CRITICAL
EPSS-1.52% / 80.55%
||
7 Day CHG~0.00%
Published-12 Oct, 2020 | 13:54
Updated-16 Sep, 2024 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ARC Informatique PcVue Deserialization of Untrusted Data

ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server.

Action-Not Available
Vendor-PcVue (ARC Informatique)
Product-pcvuePcVue
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2020-26869
Assigner-Kaspersky
ShareView Details
Assigner-Kaspersky
CVSS Score-7.5||HIGH
EPSS-0.40% / 60.07%
||
7 Day CHG~0.00%
Published-12 Oct, 2020 | 13:52
Updated-17 Sep, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ARC Informatique PcVue Exposure of Sensitive Information to an Unauthorized Actor

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized users to access session data of legitimate users. This issue also affects third-party systems based on the Web Services Toolkit.

Action-Not Available
Vendor-PcVue (ARC Informatique)
Product-pcvuePcVue
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-26868
Assigner-Kaspersky
ShareView Details
Assigner-Kaspersky
CVSS Score-7.5||HIGH
EPSS-1.17% / 77.85%
||
7 Day CHG~0.00%
Published-12 Oct, 2020 | 13:50
Updated-17 Sep, 2024 | 00:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ARC Informatique PcVue Access to Critical Private Variable via Public Method

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients. This issue also affects third-party systems based on the Web Services Toolkit.

Action-Not Available
Vendor-PcVue (ARC Informatique)
Product-pcvuePcVue
CWE ID-CWE-767
Access to Critical Private Variable via Public Method
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere