PT-2018-18863 · Systematic · Systematic Sitaware
2U53
·
Published
2018-04-04
·
Updated
2018-05-22
·
CVE-2018-9115
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Systematic SitaWare version 6.4 SP2
Description
The issue arises from insufficient input validation from other sources, such as information utilizing the NVG interface. This can allow an attacker to freeze the Situational Layer, preventing updates to the Situational Picture. The user may not notice this issue until attempting to work with the affected layer.
Recommendations
For Systematic SitaWare version 6.4 SP2, consider restricting access to the NVG interface as a temporary mitigation measure until a patch is available. Additionally, monitor the Situational Layer for any signs of freezing to minimize the impact of potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Systematic Sitaware