exploitDog

CVE-2019-12097

Опубликовано: 03 июн. 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoopback.exe before running it, which could lead to code execution or local privilege escalation by replacing the original EnableLoopback.exe.

Ссылки

https://vuldb.com/?id.135671
Third Party Advisory
https://vuldb.com/?id.135671
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:progress:fiddler:5.0.20182.28034:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.00012

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-354

Связанные уязвимости

GHSA-rjcf-8wrm-39hf

github

больше 3 лет назад

Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoopback.exe before running it, which could lead to code execution or local privilege escalation by replacing the original EnableLoopback.exe.

EPSS

Процентиль: 1%

0.00012

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-354