← volver
CVE-2017-20025

Solare Solar-Log Flash Memory privileges management

CVSS 7.3 HIGHEPSS 1.0%CWE-269
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.3EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
09 jun 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Flash Memory. The manipulation leads to privilege escalation. The attack can be launched remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Productos afectados
Solare · Solar-Log

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://seclists.org/fulldisclosure/2017/Mar/58https://vuldb.com/?id.98935