CVE Daily

CVE-2018-19005

Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerabil...

High CVSS 7.8

Overview

Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerability has been identified that may be exploited by processing specially crafted POC files lacking user input validation. This may allow an attacker to read confidential information and remotely execute arbitrary code.

CWE: CWE-20 Published: 2018-12-20T21:29:00.883
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.8 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags