CordawareCVEs & Vulnerabilities
2 CVEs affecting Cordaware products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
bestinformed 2
CVE-2019-6266CRITICAL
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext.
26 Feb 2019
9.8
CVSS
CVE-2019-6265HIGH
The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges.
26 Feb 2019
7.8
CVSS
← PrevPage 1 / 1Next →