Описание
Macrovision InstallAnywhere Enterprise before 8.0.1 uses the InstallScript.iap_xml configuration file without integrity protection to verify authorization for installing an application, which allows local users to perform unauthorized installations by removing the (1) password or (2) serial number verification sections from this file.
Ссылки
- Patch
- Vendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:macrovision:installanywhere:8:*:enterprise:*:*:*:*:*
cpe:2.3:a:macrovision:installanywhere:8:*:standard:*:*:*:*:*
EPSS
Процентиль: 23%
0.00076
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Macrovision InstallAnywhere Enterprise before 8.0.1 uses the InstallScript.iap_xml configuration file without integrity protection to verify authorization for installing an application, which allows local users to perform unauthorized installations by removing the (1) password or (2) serial number verification sections from this file.
EPSS
Процентиль: 23%
0.00076
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other