8.8
CVE-2015-2100
- EPSS 2.93%
- Veröffentlicht 22.07.2021 18:15:18
- Zuletzt bearbeitet 21.11.2024 02:26:47
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple stack-based buffer overflows in WebGate eDVR Manager and Control Center allow remote attackers to execute arbitrary code via unspecified vectors to the (1) TCPDiscover or (2) TCPDiscover2 function in the WESPDiscovery.WESPDiscoveryCtrl.1 control.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Webgate ≫ Control Center Version-
Webgate ≫ Edvr Manager Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.93% | 0.853 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
http://www.zerodayinitiative.com/advisories/ZDI-15-057/
http://www.zerodayinitiative.com/advisories/ZDI-15-067/