Описание
Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:inmarsat:amosconnect:8.0:*:*:*:*:*:*:*
cpe:2.3:a:inmarsat:amosconnect:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:inmarsat:amosconnect:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:inmarsat:amosconnect:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:inmarsat:amosconnect:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:inmarsat:amosconnect:8.2.2:*:*:*:*:*:*:*
cpe:2.3:a:inmarsat:amosconnect:8.3.0:*:*:*:*:*:*:*
cpe:2.3:a:inmarsat:amosconnect:8.3.1:*:*:*:*:*:*:*
cpe:2.3:a:inmarsat:amosconnect:8.4.0:*:*:*:*:*:*:*
cpe:2.3:a:inmarsat:amosconnect:8.4.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06119
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-798
CWE-798
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.
fstec
больше 8 лет назад
Уязвимость службы Task Manager системы управления почтовыми рассылками AmosConnect, позволяющая нарушителю выполнить произвольные команды на хост-платформе операционной системы
EPSS
Процентиль: 91%
0.06119
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-798
CWE-798