CVE-2017-3222

Sažetak

Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.

Reference

http://www.inmarsat.com/news/inmarsat-response-to-ioactive-claims/
http://www.securityfocus.com/bid/99899
https://twitter.com/mkolsek/status/923988845783322625
https://www.kb.cert.org/vuls/id/586501

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

10-12-2020 - 20:59

Objavljeno

22-07-2017 - 20:29