CVE-2018-18992

Sažetak

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server.

Reference

http://www.securityfocus.com/bid/106634
https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

09-10-2019 - 23:37

Objavljeno

05-02-2019 - 18:29