exploitDog

CVE-2020-11941

Опубликовано: 27 апр. 2020

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

An issue was discovered in Open-AudIT 3.2.2. There is OS Command injection in Discovery.

Ссылки

http://packetstormsecurity.com/files/157476/Open-AudIT-3.2.2-Command-Injection-SQL-Injection.html
Third Party Advisory
https://community.opmantek.com/display/OA/Release+Notes+for+Open-AudIT+v3.3.0
Release Notes
Third Party Advisory
https://www.coresecurity.com/advisories/open-audit-multiple-vulnerabilities
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/157476/Open-AudIT-3.2.2-Command-Injection-SQL-Injection.html
Third Party Advisory
https://community.opmantek.com/display/OA/Release+Notes+for+Open-AudIT+v3.3.0
Release Notes
Third Party Advisory
https://www.coresecurity.com/advisories/open-audit-multiple-vulnerabilities
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opmantek:open-audit:3.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03955

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-v6r2-q8r3-9w6g

github

больше 3 лет назад

An issue was discovered in Open-AudIT 3.2.2. There is OS Command injection in Discovery.

EPSS

Процентиль: 88%

0.03955

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-78