Lucene search
Japan Vulnerability NotesJVN:48839888HistoryNov 21, 2011 - 12:00 a.m.
JVN#48839888: Nikki vulnerable to OS command injection
2011-11-2100:00:00
Japan Vulnerability Notes
jvn.jp
15
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
56.4%
Nikki from HP no Mawashimono is a CGI software for posting diary entries. Nikki contains an OS command injection vulnerability.
Impact
An arbitrary OS command may be executed with the privileges of the web server.
Solution
Update the software
Update to the latest version according to the information provided by the developer.
Products Affected
- Nikki ver 6.6 and earlier
Related
prion
prion
Command injection
2011-11-30 04:05:00
nvd
nvd
CVE-2011-4002
2011-11-30 04:05:58
cvelist
cvelist
CVE-2011-4002
2022-10-03 16:15:13
cve
cve
CVE-2011-4002
2022-10-03 16:15:13
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
56.4%
Related for JVN:48839888