Lucene search
PRIOn knowledge basePRION:CVE-2015-7253HistoryNov 04, 2015 - 3:59 a.m.
Design/Logic Flaw
2015-11-0403:59:00
PRIOn knowledge base
www.prio-n.com
2
8.1 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.004 Low
EPSS
Percentile
73.4%
The Web Console in Commvault Edge Server 10 R2 allows remote attackers to execute arbitrary OS commands via crafted serialized data in a cookie.
| CPE | Name | Operator | Version |
|---|---|---|---|
| edge_server | eq | 10 r2 |
References
Related
cve
cve
CVE-2015-7253
2015-11-04 03:59:00
cert
cert
Commvault Edge Server deserializes cookie data insecurely
2015-11-03 00:00:00
impervablog
impervablog
Deserialization Attacks Surge Motivated by Illegal Crypto-mining
2018-01-24 17:45:08
8.1 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.004 Low
EPSS
Percentile
73.4%
Related for PRION:CVE-2015-7253