CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
70.8%
x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0.1.10 allows remote authenticated users to gain privileges via unspecified vectors, possibly related to backticks.
Vendor | Product | Version | CPE |
---|---|---|---|
x2go | x2go_server | * | cpe:2.3:a:x2go:x2go_server:*:*:*:*:*:*:*:* |
x2go | x2go_server | 4.0.0.0 | cpe:2.3:a:x2go:x2go_server:4.0.0.0:*:*:*:*:*:*:* |
x2go | x2go_server | 4.0.0.1 | cpe:2.3:a:x2go:x2go_server:4.0.0.1:*:*:*:*:*:*:* |
x2go | x2go_server | 4.0.0.2 | cpe:2.3:a:x2go:x2go_server:4.0.0.2:*:*:*:*:*:*:* |
x2go | x2go_server | 4.0.0.3 | cpe:2.3:a:x2go:x2go_server:4.0.0.3:*:*:*:*:*:*:* |
x2go | x2go_server | 4.0.0.4 | cpe:2.3:a:x2go:x2go_server:4.0.0.4:*:*:*:*:*:*:* |
x2go | x2go_server | 4.0.0.6 | cpe:2.3:a:x2go:x2go_server:4.0.0.6:*:*:*:*:*:*:* |
x2go | x2go_server | 4.0.1.0 | cpe:2.3:a:x2go:x2go_server:4.0.1.0:*:*:*:*:*:*:* |
x2go | x2go_server | 4.0.1.1 | cpe:2.3:a:x2go:x2go_server:4.0.1.1:*:*:*:*:*:*:* |
x2go | x2go_server | 4.0.1.2 | cpe:2.3:a:x2go:x2go_server:4.0.1.2:*:*:*:*:*:*:* |