Описание
Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 4.1.0.3237 (исключая)
cpe:2.3:a:lcds:laquis_scada:*:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06683
Низкий
5.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level.
EPSS
Процентиль: 91%
0.06683
Низкий
5.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22
CWE-22