CVE-2021-43458

Опубликовано: 04 апр. 2022

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

An Unquoted Service Path vulnerability exits in Vembu BDR 4.2.0.1 via a specially crafted file in the (1) hsflowd, (2) VembuBDR360Agent, or (3) VembuOffice365Agent service paths.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/198151
Third Party Advisory
VDB Entry
https://github.com/M507/Miner
Third Party Advisory
https://www.exploit-db.com/exploits/49641
Exploit
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/198151
Third Party Advisory
VDB Entry
https://github.com/M507/Miner
Third Party Advisory
https://www.exploit-db.com/exploits/49641
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vembu:bdr_suite:4.2.0.1:update1:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.00079

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-428

Связанные уязвимости

GHSA-mxf4-gxw9-74f4