CRITICAL🇬🇧 English

CVE-2022-34824

CVSS 9.8v3.1pub. 2022-11-08upd. 2025-05-01

Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Nec Expresscluster X

    APP
    Nec
    ≤ 5.0
  • Nec Expresscluster X Singleserversafe

    APP
    Nec
    ≤ 5.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEAuth Bypass
CWE
Referencje

Powiązane podatności

CVE-2022-34825CRITICAL9.8ten sam produkt

Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows...

CVE-2022-34823CRITICAL9.8ten sam produkt

Buffer overflow vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows an...

CVE-2022-34822CRITICAL9.8ten sam produkt

Path traversal vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and...

CVE-2021-20700CRITICAL9.8ten sam produkt

Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3...

CVE-2021-20702CRITICAL9.8ten sam produkt

Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUST...

CVE-2022-34824 — CRITICAL 9.8 | CVEbaza.pl