Описание
Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerability has been identified that may be exploited by processing specially crafted POC files lacking user input validation. This may allow an attacker to read confidential information and remotely execute arbitrary code.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 9.80.75.3 (исключая)
Одно из
cpe:2.3:a:hornerautomation:cscape:*:*:*:*:*:*:*:*
cpe:2.3:a:hornerautomation:cscape:9.80.75.3:-:*:*:*:*:*:*
cpe:2.3:a:hornerautomation:cscape:9.80.75.3:sp1:*:*:*:*:*:*
cpe:2.3:a:hornerautomation:cscape:9.80.75.3:sp2:*:*:*:*:*:*
cpe:2.3:a:hornerautomation:cscape:9.80.75.3:sp3:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00204
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-20
CWE-20
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerability has been identified that may be exploited by processing specially crafted POC files lacking user input validation. This may allow an attacker to read confidential information and remotely execute arbitrary code.
EPSS
Процентиль: 42%
0.00204
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-20
CWE-20