Vulnerabilities in 1E
8 resultsCVE-2023-45163CRITICAL1E-Exchange-CommandLinePing instruction before v18.1 allows for arbitrary code executionEPSS 0.9%CVE-2023-5964CRITICAL1E-Exchange-DisplayMessage instruction allows for arbitrary code executionEPSS 0.8%CVE-2023-45161CRITICAL1E-Exchange-URLResponseTime instruction before v20.1 allows arbitrary code executionEPSS 0.8%CVE-2023-45160HIGHElevated Temp Directory Execution in 1E ClientEPSS 0.7%CVE-2023-45162CRITICALBlind SQL vulnerability in 1E platformEPSS 0.6%CVE-2024-7211MEDIUMThe Duende Identity Server based component in 1E Platform may allow URL redirections to untrusted websites.EPSS 0.2%CVE-2023-45159HIGH1E Client installer can perform arbitrary file deletion on protected filesEPSS 0.2%CVE-2025-1683HIGHSymbolic Link Exploit in 1E Client's - Nomad module allows Arbitrary File DeletionEPSS 0.2%