CVE-2020-7389 - CERT CVE
ID CVE-2020-7389
Sažetak Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.
Reference
CVSS
Base: 9.0
Impact: 10.0
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
COMPLETE COMPLETE COMPLETE
CVSS vektor AV:N/AC:L/Au:S/C:C/I:C/A:C
Zadnje važnije ažuriranje 15-07-2022 - 17:51
Objavljeno 22-07-2021 - 19:15