CVE-2017-2231

EPSS 1.2%

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

07 jul 2017Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Untrusted search path vulnerability in The installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017, The self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Productos afectados

Ministry of Land, Infrastructure, Transport and Tourism, Japan · The installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ministry of Land, Infrastructure, Transport and Tourism, Japan · The self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://jvn.jp/en/jp/JVN06337557/index.html http://www.mlit.go.jp/common/001189444.pdf http://www.mlit.go.jp/gobuild/gobuild_cals_sysv3.html