8.8
CVE-2018-0686
- EPSS 0.96%
- Veröffentlicht 15.11.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:44
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginDenbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote authenticated attackers to upload and execute any executable files via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Neo ≫ Debun Imap Version <= 3.3i_r4.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.96% | 0.757 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
CWE-434 Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.