exploitDog

CVE-2023-45894

Опубликовано: 14 дек. 2023

Источник: nvd

CVSS3: 10

EPSS Низкий

Описание

The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which allows a remote attacker to achieve remote code execution via standard kiosk breakout techniques.

Ссылки

https://github.com/Oracle-Security/CVEs/blob/main/Parallels%20Remote%20Server/readme.md
Third Party Advisory
https://github.com/Oracle-Security/CVEs/blob/main/Parallels%20Remote%20Server/readme.md
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:parallels:remote_application_server:*:*:*:*:*:*:*:*

Версия до 19.2.23975 (исключая)

EPSS

Процентиль: 87%

0.03473

Низкий

10 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-756q-cg5p-5457

CVSS3: 10

github

около 2 лет назад

The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which allows a remote attacker to achieve remote code execution via standard kiosk breakout techniques.

EPSS

Процентиль: 87%

0.03473

Низкий

10 Critical

CVSS3

Дефекты

NVD-CWE-noinfo