exploitDog

CVE-2017-10865

Опубликовано: 12 окт. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 9.3

EPSS Низкий

Описание

Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863.

Ссылки

http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html
Issue Tracking
Vendor Advisory
https://jvn.jp/en/jp/JVN55516206/index.html
Third Party Advisory
VDB Entry
http://www.hitachi-solutions.co.jp/hibun/sp/support/importance/20170929.html
Issue Tracking
Vendor Advisory
https://jvn.jp/en/jp/JVN55516206/index.html
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hitachi-solutions:confidential_file_decryption:-:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00113

Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-426

Связанные уязвимости

GHSA-2v36-ccwm-6xw3

CVSS3: 7.8

github

больше 3 лет назад

Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863.

EPSS

Процентиль: 30%

0.00113

Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-426