exploitDog

CVE-2023-31488

Опубликовано: 10 янв. 2024

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Hyland Perceptive Filters releases before 2023-12-08 (e.g., 11.4.0.2647), as used in Cisco IronPort Email Security Appliance Software, Cisco Secure Email Gateway, and various non-Cisco products, allow attackers to trigger a segmentation fault and execute arbitrary code via a crafted document.

Ссылки

https://bst.cisco.com/quickview/bug/CSCwe11003
Vendor Advisory
https://bst.cisco.com/quickview/bug/CSCwe11003
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:ironport_email_security_appliance:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:cisco:secure_email_gateway_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:secure_email_gateway:-:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00908

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-787

Связанные уязвимости

GHSA-hjc5-g972-rc2j

CVSS3: 9.8

github

около 2 лет назад

Hyland Perceptive Filters releases before 2023-12-08 (e.g., 11.4.0.2647), as used in Cisco IronPort Email Security Appliance Software, Cisco Secure Email Gateway, and various non-Cisco products, allow attackers to trigger a segmentation fault and execute arbitrary code via a crafted document.

EPSS

Процентиль: 75%

0.00908

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-787