Lucene search

[email protected]CVE-2020-19559

HistorySep 11, 2023 - 7:15 p.m.

CVE-2020-19559

2023-09-1119:15:41

CWE-502

[email protected]

web.nvd.nist.gov

diebold

aglis xfs

opteva

cve-2020-19559

remote code execution

security issue

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.7%

JSON

An issue in Diebold Aglis XFS for Opteva v.4.1.61.1 allows a remote attacker to execute arbitrary code via a crafted payload to the ResolveMethod() parameter.

Affected configurations

NVD

Node

dieboldnixdorfagilis_xfs_for_optevaMatch4.1.61.1

CPENameOperatorVersion
dieboldnixdorf:agilis_xfs_for_optevadieboldnixdorf agilis xfs for optevaeq4.1.61.1

CPE	Name	Operator	Version
dieboldnixdorf:agilis_xfs_for_opteva	dieboldnixdorf agilis xfs for opteva	eq	4.1.61.1

References

medium.com/nightst0rm/t%E1%BA%A3n-m%E1%BA%A1n-v%E1%BB%81-l%E1%BB%97-h%E1%BB%95ng-trong-atm-diebold-f1040a70f2c9

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.7%

JSON

Related for CVE-2020-19559

nvd1 prion1 cvelist1