Lucene search

[email protected]NVD:CVE-2019-7364

HistoryAug 23, 2019 - 8:15 p.m.

CVE-2019-7364

2019-08-2320:15:10

CWE-427

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

31.4%

JSON

DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution.

Affected configurations

Nvd

Node

autodeskadvance_steelMatch2017

autodeskadvance_steelMatch2018

autodeskadvance_steelMatch2019

autodeskadvance_steelMatch2020

autodeskautocadMatch2017

autodeskautocadMatch2018

autodeskautocadMatch2019

autodeskautocadMatch2020

autodeskautocad_architectureMatch2017

autodeskautocad_architectureMatch2018

autodeskautocad_architectureMatch2019

autodeskautocad_architectureMatch2020

autodeskautocad_electricalMatch2017

autodeskautocad_electricalMatch2018

autodeskautocad_electricalMatch2019

autodeskautocad_electricalMatch2020

autodeskautocad_ltMatch2017

autodeskautocad_ltMatch2018

autodeskautocad_ltMatch2019

autodeskautocad_ltMatch2020

autodeskautocad_map_3dMatch2017

autodeskautocad_map_3dMatch2018

autodeskautocad_map_3dMatch2019

autodeskautocad_map_3dMatch2020

autodeskautocad_mechanicalMatch2017

autodeskautocad_mechanicalMatch2018

autodeskautocad_mechanicalMatch2019

autodeskautocad_mechanicalMatch2020

autodeskautocad_mepMatch2017

autodeskautocad_mepMatch2018

autodeskautocad_mepMatch2019

autodeskautocad_mepMatch2020

autodeskautocad_p\&idMatch2017

autodeskautocad_plant_3dMatch2017

autodeskautocad_plant_3dMatch2018

autodeskautocad_plant_3dMatch2019

autodeskautocad_plant_3dMatch2020

autodeskcivil_3dMatch2017

autodeskcivil_3dMatch2018

autodeskcivil_3dMatch2019

autodeskcivil_3dMatch2020

VendorProductVersionCPE
autodeskadvance_steel2017cpe:2.3:a:autodesk:advance_steel:2017:*:*:*:*:*:*:*
autodeskadvance_steel2018cpe:2.3:a:autodesk:advance_steel:2018:*:*:*:*:*:*:*
autodeskadvance_steel2019cpe:2.3:a:autodesk:advance_steel:2019:*:*:*:*:*:*:*
autodeskadvance_steel2020cpe:2.3:a:autodesk:advance_steel:2020:*:*:*:*:*:*:*
autodeskautocad2017cpe:2.3:a:autodesk:autocad:2017:*:*:*:*:*:*:*
autodeskautocad2018cpe:2.3:a:autodesk:autocad:2018:*:*:*:*:*:*:*
autodeskautocad2019cpe:2.3:a:autodesk:autocad:2019:*:*:*:*:*:*:*
autodeskautocad2020cpe:2.3:a:autodesk:autocad:2020:*:*:*:*:*:*:*
autodeskautocad_architecture2017cpe:2.3:a:autodesk:autocad_architecture:2017:*:*:*:*:*:*:*
autodeskautocad_architecture2018cpe:2.3:a:autodesk:autocad_architecture:2018:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
autodesk	advance_steel	2017	cpe:2.3:a:autodesk:advance_steel:2017:::::::*
autodesk	advance_steel	2018	cpe:2.3:a:autodesk:advance_steel:2018:::::::*
autodesk	advance_steel	2019	cpe:2.3:a:autodesk:advance_steel:2019:::::::*
autodesk	advance_steel	2020	cpe:2.3:a:autodesk:advance_steel:2020:::::::*
autodesk	autocad	2017	cpe:2.3:a:autodesk:autocad:2017:::::::*
autodesk	autocad	2018	cpe:2.3:a:autodesk:autocad:2018:::::::*
autodesk	autocad	2019	cpe:2.3:a:autodesk:autocad:2019:::::::*
autodesk	autocad	2020	cpe:2.3:a:autodesk:autocad:2020:::::::*
autodesk	autocad_architecture	2017	cpe:2.3:a:autodesk:autocad_architecture:2017:::::::*
autodesk	autocad_architecture	2018	cpe:2.3:a:autodesk:autocad_architecture:2018:::::::*

Rows per page:

1-10 of 411

References

www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

31.4%

JSON

Related for NVD:CVE-2019-7364

prion1 cvelist1 cve1