NVD disclosure day
CVE-2017-14854
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A stack buffer overflow in Orpak SiteOmat CGI components allows remote code execution. This impacts affected systems and could lead to unauthorized actions or data compromise, posing a significant business risk.
CVE-2017-14851
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A SQL injection vulnerability affects Orpak SiteOmat, allowing authentication bypass through its login page. This creates a risk of unauthorized access to systems, potentially impacting data confidentiality and integrity. The business risk centers on compromised system access and data security.
CVE-2017-14728
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
An authentication bypass vulnerability in SiteOmat software allows unauthorized access to systems, potentially exposing operational data and disrupting business processes. This presents a significant business risk due to the potential for data compromise and system disruption.
CVE-2019-11580
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
Atlassian Crowd and Crowd Data Center are affected by a vulnerability allowing arbitrary plugin installation and remote code execution. This poses a business risk by potentially compromising systems, data, and operations. Organizations should apply vendor-provided updates.