exploitDog

CVE-2019-6265

Опубликовано: 25 фев. 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges.

Ссылки

https://www.detack.de/en/cve-2019-6265-6266
Mitigation
Third Party Advisory
https://www.detack.de/en/cve-2019-6265-6266
Mitigation
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cordaware:bestinformed:*:*:*:*:*:windows:*:*

Версия до 6.2.1.0 (исключая)

EPSS

Процентиль: 43%

0.00209

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-v7wc-3rf3-ffpp

CVSS3: 7.8

github

больше 3 лет назад

The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges.

EPSS

Процентиль: 43%

0.00209

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo