Описание
Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and control of the system. NOTE: ArrayOS AG 10.x is unaffected.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.4.0.469 (включая)
Одновременно
cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:ah1100:-:*:*:*:*:*:*:*
cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02899
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-77
CWE-77
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and control of the system. NOTE: ArrayOS AG 10.x is unaffected.
EPSS
Процентиль: 86%
0.02899
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-77
CWE-77