CVE-2021-44123 - CERT CVE

  1. CVE-2021-44123

ID CVE-2021-44123
Sažetak SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to execute it.
Reference
CVSS
Base: 6.5
Impact: 6.4
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:L/Au:S/C:P/I:P/A:P
Zadnje važnije ažuriranje 02-02-2022 - 16:15
Objavljeno 26-01-2022 - 12:15