[Forgot Password]
Login  Register Subscribe

25354

 
 

132804

 
 

134312

 
 

909

 
 

108836

 
 

152

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2014-2331Date: (C)2015-09-02   (M)2019-11-09


Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2330.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 8.5
Exploit Score: 6.8
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication:
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
http://www.securityfocus.com/archive/1/531594
http://www.securityfocus.com/archive/1/531656

CWE    1
CWE-94
OVAL    8
oval:org.secpod.oval:def:107069
oval:org.secpod.oval:def:107643
oval:org.secpod.oval:def:107556
oval:org.secpod.oval:def:106876
...

© SecPod Technologies