Lucene search

VulDBCVELIST:CVE-2017-20099

HistoryJun 27, 2022 - 6:11 p.m.

CVE-2017-20099 Analytics Stats Counter Statistics Plugin code injection

2022-06-2718:11:03

CWE-94

VulDB

www.cve.org

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

9.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.1%

JSON

A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The attack may be initiated remotely.

CNA Affected

[
  {
    "product": "Analytics Stats Counter Statistics Plugin",
    "vendor": "unspecified",
    "versions": [
      {
        "status": "affected",
        "version": "1.2.2.5"
      }
    ]
  }
]

References

seclists.org/fulldisclosure/2017/Feb/74

vuldb.com/?id.97367

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

9.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.1%

JSON

Related for CVELIST:CVE-2017-20099