Описание
An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability.
Ссылки
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-770
Связанные уязвимости
CVSS3: 3.1
github
больше 2 лет назад
An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability.
EPSS
Процентиль: 18%
0.00056
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-770