8.8
CVE-2018-10508
- EPSS 0.63%
- Published 12.06.2018 17:29:00
- Last modified 21.11.2024 03:41:27
- Source security@trendmicro.com
- Teams watchlist Login
- Open Login
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to use a specially crafted URL to elevate account permissions on vulnerable installations. An attacker must already have at least guest privileges in order to exploit this vulnerability.
Data is provided by the National Vulnerability Database (NVD)
Trendmicro ≫ Officescan Version11.0 Updatesp1
Trendmicro ≫ Officescan Versionxg
Trendmicro ≫ Officescan Versionxg Updatesp1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.63% | 0.677 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|