How severe is CVE-2017-13083?

CVE-2017-13083 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2017-13083

Name: rufus
Author: rufus_project

5.3MEDIUM

Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code

Publicado: 10/18/2017Actualizado: 4/20/2025

Descripción

Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code

Análisis IAImpulsado por IA

Productos Afectados

rufus_projectrufus

Referencias

http://www.kb.cert.org/vuls/id/403768
Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/100516
Third Party AdvisoryVDB Entry
https://github.com/pbatard/rufus/commit/c3c39f7f8a11f612c4ebf7affce25ec6928eb1cb
Third Party Advisory
https://github.com/pbatard/rufus/issues/1009
Third Party Advisory
http://www.kb.cert.org/vuls/id/403768
Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/100516
Third Party AdvisoryVDB Entry
https://github.com/pbatard/rufus/commit/c3c39f7f8a11f612c4ebf7affce25ec6928eb1cb
Third Party Advisory
https://github.com/pbatard/rufus/issues/1009
Third Party Advisory