Lucene search
HistoryDec 17, 2015 - 7:59 p.m.
CVE-2015-4027
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
26.0%
The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) before 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
Affected configurations
Node
acunetixweb_vulnerability_scannerRange≤10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| acunetix | web_vulnerability_scanner | * | cpe:2.3:a:acunetix:web_vulnerability_scanner:*:*:*:*:*:*:*:* |
Related
checkpoint_advisories
checkpoint_advisories
Acunetix Web Scanner Privilege Escalation (CVE-2015-4027)
2021-03-28 00:00:00
packetstorm
packetstorm
Acunetix WVS 10 Local Privilege Escalation
2015-12-02 00:00:00
cvelist
cvelist
CVE-2015-4027
2015-12-17 19:00:00
exploitpack
exploitpack
Acunetix WVS 10 - Local Privilege Escalation
2015-12-02 00:00:00
exploitdb
exploitdb
Acunetix WVS 10 - Local Privilege Escalation
2015-12-02 00:00:00
zdt
zdt
Acunetix WVS 10 - Local Privilege Escalation Exploit
2015-12-02 00:00:00
prion
prion
Command injection
2015-12-17 19:59:00
cve
cve
CVE-2015-4027
2015-12-17 19:59:00
securityvulns
securityvulns
PHP multiple security vulnerabilities
2015-07-13 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
26.0%
Related for NVD:CVE-2015-4027