| |
Vulnerability CVE-2019-15020
Published: 2019-10-09
| Description: |
A security vulnerability exists in the Zingbox Inspector versions 1.293 and earlier, that could allow an attacker to supply an invalid software update image to the Zingbox Inspector that could result in command injection. |
Type:
CWE-74
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.5/10 |
6.4/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://securityadvisories.paloaltonetworks.com/Home/Detail/185
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
