Описание
Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40.
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.6.40 (исключая)
cpe:2.3:a:rapid7:nexpose:*:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00096
Низкий
6.8 Medium
CVSS3
6.5 Medium
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-428
CWE-428
Связанные уязвимости
github
больше 3 лет назад
Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40.
EPSS
Процентиль: 27%
0.00096
Низкий
6.8 Medium
CVSS3
6.5 Medium
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-428
CWE-428