CVE-2018-18992

Опубликовано: 05 фев. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server.

Ссылки

http://www.securityfocus.com/bid/106634
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/106634
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lcds:laquis_scada:*:*:*:*:*:*:*:*

Версия до 4.1.0.4150 (исключая)

EPSS

Процентиль: 62%

0.00435

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-6q6c-mcmq-5996