WALLIX Bastion 7.x, 8.x, 9.x and 10.x and WALLIX Access Manager 3.x and 4.x have Incorrect Access Control which can lead to sensitive data...
7.5CVSS
7.5AI Score
0.001EPSS
The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. SCP and SFTP plugins don't honor group-based JIT MFA. Establishing a SCP/SFTP connection through The Bastion via a group access where MFA is enforced does not ask for additional factor. This...
4.8CVSS
4.6AI Score
0.0004EPSS
WALLIX Bastion 9.x before 9.0.9 and 10.x before 10.0.5 allows unauthenticated access to sensitive information by bypassing access control on a network access administration web...
7.5CVSS
7.4AI Score
0.001EPSS
WALLIX Access Manager 3.x through 4.0.x allows a remote attacker to access sensitive...
7.5CVSS
7.4AI Score
0.002EPSS