Lucene search
HistoryOct 08, 2014 - 5:55 p.m.
CVE-2014-7205
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.895
Percentile
98.8%
Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for the hapi server framework for Node.js allows remote attackers to execute arbitrary Javascript code via unspecified vectors.
Affected configurations
Node
bassmaster_projectbassmasterRange<1.5.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bassmaster_project | bassmaster | * | cpe:2.3:a:bassmaster_project:bassmaster:*:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2014-7205
2014-10-08 17:00:00
checkpoint_advisories
checkpoint_advisories
zdt
zdt
osv
osv
Arbitrary JavaScript Execution in bassmaster
2017-10-24 18:33:36
exploitdb
exploitdb
cve
cve
CVE-2014-7205
2014-10-08 17:55:05
packetstorm
packetstorm
Bassmaster Batch Arbitrary JavaScript Injection Remote Code Execution
2016-10-30 00:00:00
prion
prion
Design/Logic Flaw
2014-10-08 17:55:00
github
github
Arbitrary JavaScript Execution in bassmaster
2017-10-24 18:33:36
nodejs
nodejs
Arbitrary JavaScript Execution
2015-10-17 19:41:46
metasploit
metasploit
Bassmaster Batch Arbitrary JavaScript Injection Remote Code Execution
2016-10-27 18:22:39
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.895
Percentile
98.8%
Related for NVD:CVE-2014-7205