exploitDog

CVE-2020-25170

Опубликовано: 06 нояб. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export.

Ссылки

https://us-cert.cisa.gov/ics/advisories/icsma-20-296-01
Third Party Advisory
US Government Resource
https://us-cert.cisa.gov/ics/advisories/icsma-20-296-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bbraun:onlinesuite_application_package:*:*:*:*:*:*:*:*

Версия до 3.0 (включая)

EPSS

Процентиль: 37%

0.00156

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-1236

Связанные уязвимости

GHSA-9m9g-8648-6jwx

github

больше 3 лет назад

An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export.

EPSS

Процентиль: 37%

0.00156

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-1236