← Back

Temenos

temenos

4 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Cwx
cwx
3 CVEs
T24
t24
1 CVE

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-45287
1Temenos
1Cwx
Dec 6, 2024
Jun 21, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
An access control issue in Registration.aspx of Temenos CWX 8.5.6 allows authenticated attackers to escalate privileges and perform arbitrary Administrative commands.
CVE-2023-34797
1Temenos
1Cwx
Nov 21, 2024
Jun 15, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows attackers to access sensitive information.
CVE-2019-14251
1Temenos
1T24
Nov 21, 2024
Dec 9, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in T24 in TEMENOS Channels R15.01. The login page presents JavaScript functions to access a document on the server once successfully authenticated. However, an attacker can leverage downloadDocSer...Show more
An issue was discovered in T24 in TEMENOS Channels R15.01. The login page presents JavaScript functions to access a document on the server once successfully authenticated. However, an attacker can leverage downloadDocServer() to traverse the file system and access files or directories that are outside of the restricted directory because WealthT24/GetImage is used with the docDownloadPath and uploadLocation parameters.Show less
CVE-2019-13403
1Temenos
1Cwx
Nov 21, 2024
Jul 17, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information.