9.8
CVE-2020-19559
- EPSS 1.19%
- Veröffentlicht 11.09.2023 19:15:41
- Zuletzt bearbeitet 21.11.2024 05:09:15
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginAn issue in Diebold Aglis XFS for Opteva v.4.1.61.1 allows a remote attacker to execute arbitrary code via a crafted payload to the ResolveMethod() parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dieboldnixdorf ≫ Agilis Xfs For Opteva Version4.1.61.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.19% | 0.639 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-502 Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
https://medium.com/nightst0rm/t%E1%BA%A3n-m%E1%BA%A1n-v%E1%BB%81-l%E1%BB%97-h%E1%BB%95ng-trong-atm-diebold-f1040a70f2c9