exploitDog

CVE-2021-38289

Опубликовано: 12 июл. 2022

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts.

Ссылки

https://github.com/viperbluff/Novastar-VNNOX-iCare-Privilege-Escalation
Exploit
Third Party Advisory
https://twitter.com/viperbluff/status/1439941380244230150?s=20&t=iPSn8eNxaxUKis5OKSQJRQ
Exploit
Third Party Advisory
https://github.com/viperbluff/Novastar-VNNOX-iCare-Privilege-Escalation
Exploit
Third Party Advisory
https://twitter.com/viperbluff/status/1439941380244230150?s=20&t=iPSn8eNxaxUKis5OKSQJRQ
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:novastar:novaicare:7.16.0:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.0031

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-732

Связанные уязвимости

GHSA-8h8h-mjfx-hghg

CVSS3: 8.8

github

больше 3 лет назад

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts.

EPSS

Процентиль: 54%

0.0031

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-732