CVE-2019-18308

Name of the Vulnerable Software and Affected Versions SPPA-T3000 MS3000 Migration Server (All versions)

Description A vulnerability has been identified that allows an attacker with local access to the MS3000 Server and a low privileged user account to gain root privileges by manipulating specific files in the local file system. This issue can be exploited by an attacker with local access to the MS3000 Server. At the time of advisory publication, no public exploitation of this security issue was known.

Recommendations For SPPA-T3000 MS3000 Migration Server, restrict access to the local file system to minimize the risk of exploitation. As a temporary workaround, consider limiting the privileges of low-privileged user accounts until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.