Описание
Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string, which allows remote attackers to execute arbitrary commands or cause a denial of service (paging outage) by leveraging an unattended workstation, aka ZEN-15412.
Ссылки
- Third Party AdvisoryUS Government Resource
- https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharingVendor Advisory
- Third Party AdvisoryUS Government Resource
- https://docs.google.com/spreadsheets/d/1dHAc4PxUbs-4Dxzm1wSCE0sMz5UCMY6SW3PlMHSyuuQ/edit?usp=sharingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.0.0 (включая)
Одно из
cpe:2.3:a:zenoss:zenoss_core:*:beta_3:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:4.2.5:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:5.0.0:beta_1:*:*:*:*:*:*
cpe:2.3:a:zenoss:zenoss_core:5.0.0:beta_2:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00492
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-77
Связанные уязвимости
debian
около 11 лет назад
Zenoss Core through 5 Beta 3 does not require a password for modifying ...
github
больше 3 лет назад
Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string, which allows remote attackers to execute arbitrary commands or cause a denial of service (paging outage) by leveraging an unattended workstation, aka ZEN-15412.
EPSS
Процентиль: 65%
0.00492
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-77