Zephyr Enterprise

zephyr_enterprise

Vendor: Smartbear • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-22892 1Smartbear 1Zephyr Enterprise Mar 4, 2025 Mar 8, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
CVE-2023-22891 1Smartbear 1Zephyr Enterprise Mar 5, 2025 Mar 8, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts.
CVE-2023-22890 1Smartbear 1Zephyr Enterprise Mar 5, 2025 Mar 8, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition.
CVE-2023-22889 1Smartbear 1Zephyr Enterprise Mar 5, 2025 Mar 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution by unauthenticated users.