CVE-2020-7382 - CERT CVE

  1. CVE-2020-7382

ID CVE-2020-7382
Sažetak Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40.
Reference
CVSS
Base: 4.4
Impact: 6.4
Exploitability:3.4
Pristup
VektorSloženostAutentikacija
LOCAL MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:L/AC:M/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 11-09-2020 - 15:49
Objavljeno 03-09-2020 - 14:15