CVE-2017-2231

EPSS 1.2%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

07 Jul 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Untrusted search path vulnerability in The installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017, The self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Affected products

Ministry of Land, Infrastructure, Transport and Tourism, Japan · The installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ministry of Land, Infrastructure, Transport and Tourism, Japan · The self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://jvn.jp/en/jp/JVN06337557/index.html http://www.mlit.go.jp/common/001189444.pdf http://www.mlit.go.jp/gobuild/gobuild_cals_sysv3.html