7.8

CVE-2017-20083

Exploit
A vulnerability, which was classified as critical, was found in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832. Affected is an unknown function of the component SSH Server. The manipulation leads to backdoor. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.900 is able to address this issue. It is recommended to upgrade the affected component.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jung-groupSmart Visu Server Firmware Version1.0.804
   Jung-groupSmart Visu Server Version-
Jung-groupSmart Visu Server Firmware Version1.0.830
   Jung-groupSmart Visu Server Version-
Jung-groupSmart Visu Server Firmware Version1.0.832
   Jung-groupSmart Visu Server Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.07% 0.226
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
cna@vuldb.com 5.3 1.8 3.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CWE-912 Hidden Functionality

The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

http://seclists.org/fulldisclosure/2017/Feb/18
Third Party Advisory
Exploit
Mailing List
https://vuldb.com/?id.96816
Third Party Advisory
VDB Entry
Permissions Required