PT-2018-10726 · Dialogic · Dialogic Powermedia Xms
Publicado
2018-07-03
·
Atualizado
2019-10-03
·
CVE-2018-11642
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dialogic PowerMedia XMS versions prior to 3.5
Description
The issue concerns an incorrect permission assignment on the /var/www/xms/cleanzip.sh shell script, which is run periodically. This allows local users to execute code as the root user.
Recommendations
For versions prior to 3.5, update to version 3.5 or later to resolve the issue.
Exploit
Correção
Incorrect Permission
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Dialogic Powermedia Xms