Mik.starlight

mik.starlight

Vendor: Unit4 • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-36234 1Unit4 1Mik.starlight Nov 21, 2024 Aug 31, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt credentials via unspecified vectors.
CVE-2021-36233 1Unit4 1Mik.starlight Nov 21, 2024 Aug 31, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path.
CVE-2021-36232 1Unit4 1Mik.starlight Nov 21, 2024 Aug 31, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated attacker to escalate privileges.
CVE-2021-36231 1Unit4 1Mik.starlight Nov 21, 2024 Aug 31, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows authenticated remote attackers to execute operating system commands by crafting serialized objects.