PT-2024-10171 · Unknown · License Center
Anh Nguyen Le Quoc
+7
·
Published
2024-10-09
·
Updated
2024-12-09
·
CVE-2024-48863
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
License Center versions prior to 1.9.43
Description
A command injection vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. This issue is related to the failure to neutralize special elements used in operating system commands.
Recommendations
For versions prior to 1.9.43, update to License Center 1.9.43 or later to resolve the issue. As a temporary workaround, consider restricting access to the License Center to minimize the risk of exploitation.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
License Center