CVE-2018-14822

Entes EMG12 versions 2.57 and prior an information exposure through query strings vulnerability in the web interface has been identified,…

icscert·CWE-598·Published 2018-10-02

CVSS

—

EPSS

0.03

KEV

Exploits

cve.orgen

226 chars

Entes EMG12 versions 2.57 and prior an information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user and execute arbitrary code.

NVDen

226 chars

NVDes

256 chars

Se ha identificado una vulnerabilidad de exposición de información mediante cadenas de consulta en la interfaz web de Entes EMG12 en versiones 2.57 y anteriores que podría permitir que un atacante suplante a un usuario legítimo y ejecute código arbitrario.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H