PT-2021-7222 · Mce Systems · Mce Systems
Published
2021-10-01
·
Updated
2021-10-01
·
CVE-2021-42599
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
MCE Systems (affected versions not specified)
Description
The vulnerability in the MCE Systems mobile device lifecycle management system's WebView component is related to the failure to neutralize special elements used in the operating system command when processing the
value parameter. This could allow an attacker to execute arbitrary commands.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Mce Systems