exploitDog

CVE-2018-15807

Опубликовано: 23 авг. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass any POSIM EVO login prompt.

Ссылки

https://versprite.com/advisories/posim-evo-for-windows/
Third Party Advisory
https://versprite.com/advisories/posim-evo-for-windows/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:posim:evo:15.13:*:*:*:*:windows:*:*

EPSS

Процентиль: 18%

0.00057

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-330

Связанные уязвимости

GHSA-5wwr-75ff-wp92

CVSS3: 7.8

github

больше 3 лет назад

POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. This Override prompt expects a code that is computed locally using a deterministic algorithm. This code may be generated by an attacker and used to bypass any POSIM EVO login prompt.

EPSS

Процентиль: 18%

0.00057

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-330