Threatscape

All the following vulnerabilities were discovered either by Positive Research experts or by automated security products from Positive Technologies, including MaxPatrol and PT Application Inspector.
Medium (6.4) (AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)
Fix date: December 20, 2018
Vector: Remote
Systems affected: EVLink Parking
Vendor: Schneider Electric
Notification status: 31.05.2018 - Vendor gets vulnerability details
20.12.2018 - Vendor releases fixed version and details
26.12.2018 - Public disclosure
High (8.8) (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Fix date: December 20, 2018
Vector: Remote
Systems affected: EVLink Parking
Vendor: Schneider Electric
Notification status: 31.05.2018 - Vendor gets vulnerability details
20.12.2018 - Vendor releases fixed version and details
26.12.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: December 20, 2018
Vector: Remote
Systems affected: EVLink Parking
Vendor: Schneider Electric
Notification status: 31.05.2018 - Vendor gets vulnerability details
20.12.2018 - Vendor releases fixed version and details
26.12.2018 - Public disclosure
Medium (4.3) (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
Fix date: March 13, 2018
Vector: Remote
Systems affected: SAP Business Process Automation by Redwood 9.x
Vendor: SAP
Notification status: 16.03.2017 - Vendor gets vulnerability details
13.03.2018 - Vendor releases fixed version and details
26.12.2018 - Public disclosure
Medium (5.4) (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L)
Fix date: March 13, 2018
Vector: Remote
Systems affected: SAP Business Process Automation by Redwood 9.x
Vendor: SAP
Notification status: 16.03.2017 - Vendor gets vulnerability details
13.03.2018 - Vendor releases fixed version and details
26.12.2018 - Public disclosure
Medium (4.3) (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
Fix date: October 10, 2017
Vector: Remote
Systems affected: SAP NetWeaver System Landscape Directory 7.x
Vendor: SAP
Notification status: 16.03.2017 - Vendor gets vulnerability details
10.10.2017 - Vendor releases fixed version and details
26.12.2018 - Public disclosure
Medium (6.6) (AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L)
Fix date: December 12, 2017
Vector: Remote
Systems affected: SAP NetWeaver Knowledge Management Configuration Service 7.x
Vendor: SAP
Notification status: 16.03.2017 - Vendor gets vulnerability details
12.12.2017 - Vendor releases fixed version and details
26.12.2018 - Public disclosure
Medium (5.4) (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
Fix date: September 12, 2017
Vector: Remote
Systems affected: SAP NetWeaver Development Infrastructure Cockpit 7.x
Vendor: SAP
Notification status: 16.03.2017 - Vendor gets vulnerability details
12.09.2017 - Vendor releases fixed version and details
26.12.2018 - Public disclosure
Medium (6.9) (AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N)
Fix date: December 12, 2017
Vector: Remote
Systems affected: SAP Business Warehouse Universal Data Integration 7.x
Vendor: SAP
Notification status: 16.03.2017 - Vendor gets vulnerability details
12.12.2017 - Vendor releases fixed version and details
26.12.2018 - Public disclosure
Medium (10) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Fix date: March 15, 2018
Vector: Remote
Systems affected: MGE Galaxy 3000
MGE Galaxy 4000
MGE Galaxy 5000
MGE Galaxy 6000
MGE Galaxy 9000
MGE EPS 6000
MGE EPS 7000
MGE EPS 8000
MGE Comet UPS
MGE Galaxy PW
STS (MGE Upsilon)
Vendor: Schneider Electric
Notification status: 20.02.2016 - Vendor gets vulnerability details
15.03.2018 - Vendor releases fixed version and details
18.12.2018 - Public disclosure
Medium (7.5) (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Fix date: March 15, 2018
Vector: Remote
Systems affected: MGE Galaxy 3000
MGE Galaxy 4000
MGE Galaxy 5000
MGE Galaxy 6000
MGE Galaxy 9000
MGE EPS 6000
MGE EPS 7000
MGE EPS 8000
MGE Comet UPS
MGE Galaxy PW
STS (MGE Upsilon)
Vendor: Schneider Electric
Notification status: 20.02.2016 - Vendor gets vulnerability details
15.03.2018 - Vendor releases fixed version and details
18.12.2018 - Public disclosure
Medium (5.3) (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Fix date: March 15, 2018
Vector: Remote
Systems affected: MGE Galaxy 3000
MGE Galaxy 4000
MGE Galaxy 5000
MGE Galaxy 6000
MGE Galaxy 9000
MGE EPS 6000
MGE EPS 7000
MGE EPS 8000
MGE Comet UPS
MGE Galaxy PW
STS (MGE Upsilon)
Vendor: Schneider Electric
Notification status: 20.02.2016 - Vendor gets vulnerability details
15.03.2018 - Vendor releases fixed version and details
18.12.2018 - Public disclosure
High (10) (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Fix date: March 15, 2018
Vector: Remote
Systems affected: MGE Galaxy 3000
MGE Galaxy 4000
MGE Galaxy 5000
MGE Galaxy 6000
MGE Galaxy 9000
MGE EPS 6000
MGE EPS 7000
MGE EPS 8000
MGE Comet UPS
MGE Galaxy PW
STS (MGE Upsilon)
Vendor: Schneider Electric
Notification status: 20.02.2016 - Vendor gets vulnerability details
15.03.2018 - Vendor releases fixed version and details
18.12.2018 - Public disclosure
Medium (6.9) (AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N)
Fix date: December 18, 2018
Vector: Remote
Systems affected: S3 Browser 7.x
Vendor: NetSDK Software
Notification status: 09.10.2018 - Vendor gets vulnerability details
18.12.2018 - Vendor releases fixed version and details
18.12.2018 - Public disclosure
High (7.5) AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Fix date: February 6, 2018
Vector: Remote
Systems affected: NCR S1
Vendor: NCR
Notification status: 23.06.2017 - Vendor gets vulnerability details
06.02.2018 - Vendor releases fixed version and details
14.12.2018 - Public disclosure
High (7.5) AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Fix date: February 6, 2018
Vector: Remote
Systems affected: NCR S1
Vendor: NCR
Notification status: 23.06.2017 - Vendor gets vulnerability details
06.02.2018 - Vendor releases fixed version and details
14.12.2018 - Public disclosure
Medium (5.3) AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Fix date: March 7, 2018
Vector: Remote
Systems affected: Cisco Secure ACS 5.x
Vendor: Cisco
Notification status: 01.06.2017 - Vendor gets vulnerability details
07.03.2018 - Vendor releases fixed version and details
13.12.2018 - Public disclosure
Medium (5.3) AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Fix date: March 7, 2018
Vector: Local
Systems affected: Cisco Secure ACS 5.x
Vendor: Cisco
Notification status: 01.06.2017 - Vendor gets vulnerability details
07.03.2018 - Vendor releases fixed version and details
13.12.2018 - Public disclosure
Medium (5.4) AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Fix date: July 26, 2017
Vector: Remote
Systems affected: Cisco Secure ACS 5.x
Vendor: Cisco
Notification status: 01.06.2017 - Vendor gets vulnerability details
26.07.2017 - Vendor releases fixed version and details
13.12.2018 - Public disclosure
High (9.8) (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Fix date: March 7, 2018
Vector: Remote
Systems affected: Cisco Secure ACS 5.x
Vendor: Cisco
Notification status: 01.06.2017 - Vendor gets vulnerability details
07.03.2018 - Vendor releases fixed version and details
11.12.2018 - Public disclosure
Severity level
Date filters
Date range
Year
Month
Starts:
Year
Month
Ends:
Year
Month
Vendor
Company name
Systems affected
Software name
Positive Technologies Application Inspector