exploitDog

CVE-2018-15508

Опубликовано: 21 мар. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a denial of service via opening a connection on port 8083 to a device running the Five9 SoftPhone(issue 1 of 2).

Ссылки

https://0tkombo.wixsite.com/0tkombo/blog/five9-dos-websocket-access
Exploit
Third Party Advisory
https://0tkombo.wixsite.com/0tkombo/blog/five9-dos-websocket-access
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:five9:agent_desktop_plus:10.0.70:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00667

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-732

Связанные уязвимости

GHSA-86q9-j2jh-wc2w

CVSS3: 7.5

github

больше 3 лет назад

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a denial of service via opening a connection on port 8083 to a device running the Five9 SoftPhone(issue 1 of 2).

EPSS

Процентиль: 71%

0.00667

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-732