Описание
AVEVA Software Platform Common Services (PCS) Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker control to one or more locations in the search path.
Ссылки
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:aveva:batch_management:2020:*:*:*:*:*:*:*
cpe:2.3:a:aveva:enterprise_data_management:2020:*:*:*:*:*:*:*
cpe:2.3:a:aveva:manufacturing_execution_system:2020:*:*:*:*:*:*:*
cpe:2.3:a:aveva:mobile_operator:2020:*:*:*:*:*:*:*
cpe:2.3:a:aveva:platform_common_services:4.4.6:*:*:*:*:*:*:*
cpe:2.3:a:aveva:platform_common_services:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:aveva:platform_common_services:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:aveva:platform_common_services:4.5.2:*:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:2020:r2:*:*:*:*:*:*
cpe:2.3:a:aveva:system_platform:2020:r2_p01:*:*:*:*:*:*
cpe:2.3:a:aveva:work_tasks:2020:-:*:*:*:*:*:*
cpe:2.3:a:aveva:work_tasks:2020:update_1:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00109
Низкий
7.3 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-427
CWE-427
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
AVEVA Software Platform Common Services (PCS) Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker control to one or more locations in the search path.
EPSS
Процентиль: 30%
0.00109
Низкий
7.3 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-427
CWE-427