exploitDog

CVE-2020-14490

Опубликовано: 29 июл. 2020

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

OpenClinic GA 5.09.02 and 5.89.05b includes arbitrary local files specified within its parameter and executes some files, which may allow disclosure of sensitive files or the execution of malicious uploaded files.

Ссылки

https://us-cert.cisa.gov/ics/advisories/ICSMA-20-184-01
Third Party Advisory
US Government Resource
https://us-cert.cisa.gov/ics/advisories/ICSMA-20-184-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openclinic_ga_project:openclinic_ga:5.09.02:*:*:*:*:*:*:*

cpe:2.3:a:openclinic_ga_project:openclinic_ga:5.89.05b:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.0019

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-22

CWE-22

Связанные уязвимости

GHSA-p38c-f9r4-phgg

github

больше 3 лет назад

OpenClinic GA 5.09.02 and 5.89.05b includes arbitrary local files specified within its parameter and executes some files, which may allow disclosure of sensitive files or the execution of malicious uploaded files.

EPSS

Процентиль: 41%

0.0019

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-22

CWE-22