PT-2020-7098 · Greenbone Networks · Openvas Manager
Jan Iankko Lieskovsky
·
Published
2020-02-05
·
Updated
2020-02-10
·
CVE-2011-1597
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
OpenVAS Manager version 2.0.3
Description
The issue allows for remote code execution through plugins.
Recommendations
For OpenVAS Manager version 2.0.3, consider disabling plugin functionality until a patch is available.
Restrict access to the plugin interface to minimize the risk of exploitation.
Avoid using the plugin feature in the affected version until the issue is resolved.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openvas Manager