Cloud Vulnerabilities

This page lists known security vulnerabilities found in Fabasoft Cloud and surrounding systems. The article titles contain the Fabasoft issue number and, in the case of third-party software, the official CVE number. Information about the affected components, severity level, current status and how to prevent the issue as well as hotfix information if applicable, can be found on the detail pages. You can also use the full text search to find specific vulnerabilities.

If you have found a possible security vulnerability, please contact Fabasoft Enterprise Support providing detailed information about the problem found.

  • ID: FSC31322 Affected Components: Fabasoft Cloud, Fabasoft Folio Severity: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H, Basic Score: 10.0 (Critical) Status: Final First published: 13.12.2021 CVEs: CVE-2021-44228 Informations for another Log4j issues CVE-2021-45046 and CVE-2021-45105 see at the end of this article. Information A flaw was found in the Java logging...Read more
  • ID: FSC29337 Affected Components: Fabasoft Folio Webservices, Fabasoft Cloud Webservices Severity: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N, Basic Score: 7.3 Status: Final First published: 28.08.2021 CVEs: - Summary By passing a malicious content in a parameter to the first request in the Fabasoft Folio web client, an error will be...Read more
  • ID: FSC21815 Affected Components: Fabasoft Cloud Client, Fabasoft Folio Client Severity: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L, Basic Score: 8.3 (High) Status: Final First published: 14.05.2020 CVEs: - Summary The Fabasoft Cloud or Fabasoft Folio browser extension uses web messaging to communicate with the Fabasoft Cloud Client or Fabasoft Folio...Read more
  • ID: FSC21814 Affected Components: Fabasoft Cloud Web Services, Fabasoft Folio Web Services Severity: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N, Basic Score: 6,5 (Medium) Status: Final First published: 14.05.2020 CVEs: CVE-2018-16323 Summary Due to the vulnerability CVE-2018-16323 in ImageMagick when converting images and downloading them memory fragments can be leaked via...Read more