Design/Logic Flaw

2020-09-1514:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

42.5%

JSON

It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service due to an out-of-bounds buffer access. Affected versions are v8.20 prior to v8.20.1166(MR3), v8.10 prior to v8.10.1211(MR5), v8.00 prior to v8.00.1228(MR6), all versions of 7.90 and earlier.

CPENameOperatorVersion
command_centreeq8.20.1166
command_centrege8.20
command_centrelt8.20.1166
command_centreeq8.10.1211
command_centrege8.10
command_centrelt8.10.1211
command_centreeq8.00.1228
command_centrege8.00
command_centrelt8.00.1228

Name	Operator	Version
command_centre	eq	8.20.1166
command_centre	ge	8.20
command_centre	lt	8.20.1166
command_centre	eq	8.10.1211
command_centre	ge	8.10
command_centre	lt	8.10.1211
command_centre	eq	8.00.1228
command_centre	ge	8.00
command_centre	lt	8.00.1228

References

security.gallagher.com/Security-Advisories/CVE-2020-16101

0.001 Low

EPSS

Percentile

42.5%

JSON

Related for PRION:CVE-2020-16101