Lucene search

[email protected]CVE-2012-4944

HistoryNov 18, 2012 - 9:55 p.m.

CVE-2012-4944

2012-11-1821:55:01

[email protected]

web.nvd.nist.gov

cve-2012-4944

file upload

vulnerability

agile fleetcommander

fleetcommander kiosk

remote code execution

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.3%

JSON

Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified page.

Affected configurations

NVD

Node

agilefleetfleetcommanderRange≤4.0

agilefleetfleetcommander_kioskRange≤4.0

CPENameOperatorVersion
agilefleet:fleetcommanderagilefleet fleetcommanderle4.0
agilefleet:fleetcommander_kioskagilefleet fleetcommander kioskle4.0

CPE	Name	Operator	Version
agilefleet:fleetcommander	agilefleet fleetcommander	le	4.0
agilefleet:fleetcommander_kiosk	agilefleet fleetcommander kiosk	le	4.0

References

www.kb.cert.org/vuls/id/427547

www.securityfocus.com/bid/56427

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.3%

JSON

Related for CVE-2012-4944

prion1 cvelist1 nvd1 cert1