10

CVE-2018-9091

EPSS 1.12%
Veröffentlicht 25.05.2018 19:29:00
Zuletzt bearbeitet 21.11.2024 04:14:57
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, etc., thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other information may be possible.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Kemptechnologies ≫ Loadmaster Operating System Version >= 6.0.44 <= 7.2.41.2

Kemptechnologies ≫ Loadmaster Operating System SwEditionlts Version < 7.1.35.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.12%	0.776

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://support.kemptechnologies.com/hc/en-us/articles/360001982452-Mitigation-for-Remote-Access-Execution-Vulnerability

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-9091

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-9091

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-9091

EUVD