Description
An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web interface locally. In the worst-case scenario, if the application is remotely accessible, it allows an attacker to execute arbitrary commands with system privilege on the endpoint hosting the application, without any authentication.
Related CPE's
Could not find any relations
References
Weaknesses
Could not find any weaknesses
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10 · Critical
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Awaiting analysis
Published
2024-09-30T18:15:05.827
1 week agoLast modified
2024-10-04T13:51:25.567
1 week ago