CVE-2019-13550

Опубликовано: 18 сент. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 9

EPSS Низкий

Описание

In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an attacker to disclose sensitive information, cause improper control of generation of code, which may allow remote code execution or cause a system crash.

Ссылки

https://www.us-cert.gov/ics/advisories/icsa-19-260-01
Third Party Advisory
US Government Resource
https://www.us-cert.gov/ics/advisories/icsa-19-260-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*

Версия до 8.4.1 (включая)

EPSS

Процентиль: 72%

0.00726

Низкий

9.8 Critical

CVSS3

9 Critical

CVSS2

Дефекты

CWE-285

NVD-CWE-Other

Связанные уязвимости

GHSA-q8w9-qjmv-6m86