Lucene search

KrcertCVELIST:CVE-2020-7838

HistoryDec 18, 2020 - 12:04 a.m.

CVE-2020-7838

2020-12-1800:04:31

CWE-20

krcert

www.cve.org

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.9%

JSON

A arbitrary code execution vulnerability exists in the way that the Stove client improperly validates input value. An attacker could execute arbitrary code when the user access to crafted web page. This issue affects: Smilegate STOVE Client 0.0.4.72.

CNA Affected

[
  {
    "product": "STOVE Client",
    "vendor": "Smilegate",
    "versions": [
      {
        "status": "affected",
        "version": "0.0.4.72"
      }
    ]
  }
]

References

www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35851

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.9%

JSON

Related for CVELIST:CVE-2020-7838