Primary

Context

Netvision ISOinsight Missing Authentication Vulnerability

Vulnerability

A missing authentication vulnerability has been identified in Netvision's ISOinsight versions 2.9.0.x and 3.0.0.x. This vulnerability allows unauthenticated remote attackers to access certain system functions, including viewing the administrator list, modifying IP settings, and uploading files.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive system functions, potentially allowing attackers to manipulate system settings or upload malicious files.

Remediation

Users of ISOinsight v2.9.0.x should update to version 2.9.0.250501 or later. Users of v3.0.0.x should update to version 3.0.0.250501 or later.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Netvision ISOinsight Missing Authentication Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating