exploitDog

GHSA-3jw5-8hpm-44m2

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Improper input validation vulnerability in the Transaction Server CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later allows attacker to read files upload via network..

Improper input validation vulnerability in the Transaction Server CLUSTERPRO X 1.0 for Windows and later, EXPRESSCLUSTER X 1.0 for Windows and later allows attacker to read files upload via network..

Ссылки

EPSS

Процентиль: 54%

0.00316

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2021-20707

CVSS3: 7.5

nvd

больше 4 лет назад

Improper input validation vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to read files upload via network..

EPSS

Процентиль: 54%

0.00316

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-20