PT-2018-13410 · Microsoft+1 · Lxci For Microsoft System Center+1

Publicado

2018-11-30

·

Atualizado

2018-12-28

·

CVE-2018-16097

CVSS v3.1

6.5

Média

VetorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions LXCI for VMware versions prior to 5.5 LXCI for Microsoft System Center versions prior to 3.5
Description The issue allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.
Recommendations For LXCI for VMware versions prior to 5.5, update to version 5.5 or later. For LXCI for Microsoft System Center versions prior to 3.5, update to version 3.5 or later.

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2018-16097

Produtos afetados

Lxci For Microsoft System Center
Lxci For Vmware