Novastar

novastar

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Novaicare

novaicare

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-38289 1Novastar 1Novaicare Apr 7, 2026 Jul 12, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and oth...Show more An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts. NOTE: As of April 2026, the vendor has officially decommissioned the affected legacy endpoints and associated services. The vulnerability is mitigated as the functional logic is no longer operational and the URLs have been removed from production.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2021-38289

1Novastar

1Novaicare

Apr 7, 2026

Jul 12, 2022

N/A· v4

8.8 HIGH· v3

6.5 MEDIUM· v2

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts. NOTE: As of April 2026, the vendor has officially decommissioned the affected legacy endpoints and associated services. The vulnerability is mitigated as the functional logic is no longer operational and the URLs have been removed from production.Show less