Known Vulnerabilities for Kiteworks by Accellion
Listed below are 3 of the newest known vulnerabilities associated with "Kiteworks" by "Accellion".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-31586 json | Accellion Kiteworks before 7.4.0 allows an authenticated user to perform SQL Injection via LDAPGroup Search. | 8.8 - HIGH | 2021-06-23 | 2021-06-25 |
| CVE-2021-31585 json | Accellion Kiteworks before 7.3.1 allows a user with Admin privileges to escalate their privileges by generating SSH passwords... | 6.7 - MEDIUM | 2021-06-23 | 2022-07-12 |
| CVE-2017-9421 json | Authentication Bypass vulnerability in Accellion kiteworks before 2017.01.00 allows remote attackers to execute certain API c... | 6.5 - MEDIUM | 2018-05-24 | 2018-06-27 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Accellion | Kiteworks | 2017.01.00 |