Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-24384

Опубликовано: 10 нояб. 2020
Источник: nvd
CVSS3: 9.8
CVSS2: 10
EPSS Низкий

Описание

A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. ACOS versions 3.2.x (including and after 3.2.2), 4.x, and 5.1.x are affected. aGalaxy versions 3.0.x, 3.2.x, and 5.0.x are affected.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:a10networks:agalaxy:*:*:*:*:*:*:*:*
Версия от 3.2.1 (включая) до 3.2.4 (включая)
cpe:2.3:a:a10networks:agalaxy:*:*:*:*:*:*:*:*
Версия от 5.0.1 (включая) до 5.0.5 (исключая)
cpe:2.3:a:a10networks:agalaxy:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:a10networks:agalaxy:3.0.4:p3:*:*:*:*:*:*
cpe:2.3:a:a10networks:agalaxy:5.0.5:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2:p8:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.3:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.3:p5:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.4:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.4:p5:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.5:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.5:p1:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.0.0:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.0.1:p3:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0:p13:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.1:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.1:p13:sp1:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2:p5:sp1:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4:gr1-p4:sp1:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.100:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.100:p7:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:5.1.0:-:*:*:*:*:*:*
cpe:2.3:o:a10networks:advanced_core_operating_system:5.1.0:p3:*:*:*:*:*:*

EPSS

Процентиль: 90%
0.05638
Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-m7wp-fc57-4hr2

github
больше 3 лет назад

A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. ACOS versions 3.2.x (including and after 3.2.2), 4.x, and 5.1.x are affected. aGalaxy versions 3.0.x, 3.2.x, and 5.0.x are affected.

EPSS

Процентиль: 90%
0.05638
Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

NVD-CWE-noinfo