A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web…
jci·CWE-347·Published 2020-06-26
A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privileges could potentially download and run a malicious executable that could allow OS command injection on the system.
A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privileges could potentially download and run a malicious executable that could allow OS command injection on the system.
Se presenta una vulnerabilidad que podría permitir una ejecución de código no autorizado o comandos del Sistema Operativo en sistemas que ejecutan exacqVision Web Service versiones 20.06.3.0 y anteriores y exacqVision Enterprise Manager versiones 20.06.3.0 y anteriores. Un atacante con privilegios administrativos podría descargar potencialmente y correr un ejecutable mal20.06.4.0icioso que podría permitir una inyección de comandos del Sistema Operativo en el sistema
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 9.0 | 8.0 | 10.0 | AV:N/AC:L/Au:S/C:C/I:C/A:C |
| 3.1 | Primary | NVD | 7.2 | 1.2 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 6.8 | — | — | CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L |
| 3.1 | Primary | cve.org | 6.8 | — | — | CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L |
| 3.1 | Secondary | NVD | 6.8 | 1.0 | 5.3 | CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L |