10
CVE-2022-23992
- EPSS 1.69%
- Veröffentlicht 14.02.2022 22:15:08
- Zuletzt bearbeitet 21.11.2024 06:49:36
- Quelle vuln@ca.com
- CVE-Watchlists
- Unerledigt
LoginXCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote attackers to execute arbitrary commands with elevated privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Broadcom ≫ Xcom Data Transport Version11.6 SwPlatformlinux
Broadcom ≫ Xcom Data Transport Version11.6 SwPlatformunix
Broadcom ≫ Xcom Data Transport Version11.6 SwPlatformwindows
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.69% | 0.817 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.