Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-g594-6376-7c5r

Опубликовано: 29 мар. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 9.8

Описание

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a deterministic password can be leveraged to bypass authentication checks and execute OS commands as the root user.

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a deterministic password can be leveraged to bypass authentication checks and execute OS commands as the root user.

Ссылки

EPSS

Процентиль: 98%
0.63172
Средний

9.8 Critical

CVSS3

CVE ID

CVE-2023-28503

Дефекты

CWE-287
CWE-798

Связанные уязвимости

nvd логотип

CVE-2023-28503

CVSS3: 9.8
nvd
почти 3 года назад

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a deterministic password can be leveraged to bypass authentication checks and execute OS commands as the root user.

fstec логотип

BDU:2023-02096

CVSS3: 9.8
fstec
почти 3 года назад

Уязвимость функции do_log_on_user() платформ баз данных Rocket Software UniData и UniVerse UniRPC, связанная с обходом проверки подлинности, позволяющая нарушителю обойти ограничения безопасности и выполнить произвольные команды

EPSS

Процентиль: 98%
0.63172
Средний

9.8 Critical

CVSS3

CVE ID

CVE-2023-28503

Дефекты

CWE-287
CWE-798