exploitDog

CVE-2018-10604

Опубликовано: 24 июл. 2018

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execution.

Ссылки

https://ics-cert.us-cert.gov/advisories/ICSA-18-191-02
Third Party Advisory
US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-18-191-02
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:selinc:sel_compass:*:*:*:*:*:*:*:*

Версия до 3.0.5.1 (включая)

EPSS

Процентиль: 69%

0.00609

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-276

CWE-276

Связанные уязвимости

GHSA-jm27-chwj-2652

CVSS3: 8.8

github

больше 3 лет назад

SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execution.

EPSS

Процентиль: 69%

0.00609

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-276

CWE-276