How severe is CVE-2018-17888?

CVE-2018-17888 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2018-17888

Name: nuuo_cms
Author: nuuo

9.8CRITICAL

NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code executi

Publicado: 10/12/2018Actualizado: 11/21/2024

Descripción

NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution.

Análisis IAImpulsado por IA

Productos Afectados

nuuonuuo_cms

Referencias

http://www.securityfocus.com/bid/105717
Third Party AdvisoryVDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02
PatchThird Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/105717
Third Party AdvisoryVDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02
PatchThird Party AdvisoryUS Government Resource