Vulnerability CVE-2018-15808

Vulnerability CVE-2018-15808

Published: 2018-08-23

Description:

POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user. "root" access to POSIM EVO's database may result in a breach of confidentiality, integrity, or availability or allow for attackers to remotely execute code on associated POSIM EVO clients.

Type:

CWE-798

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
10/10	10/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Posim -> EVO

References:

https://versprite.com/advisories/posim-evo-for-windows-2/

Copyright 2024, cxsecurity.com