Vulnerability CVE-2019-6026


Published: 2019-12-26

Description:
Privilege escalation vulnerability in Multiple MOTEX products (LanScope Cat client program (MR) and LanScope Cat client program (MR)LanScope Cat detection agent (DA) prior to Ver.9.2.1.0, LanScope Cat server monitoring agent (SA, SAE) prior to Ver.9.2.2.0, LanScope An prior to Ver 2.7.7.0 (LanScope An 2 series), and LanScope An prior to Ver 3.0.8.1 (LanScope An 3 series)) allow authenticated attackers to obtain unauthorized privileges and execute arbitrary code.

Type:

CWE-269

(Improper Privilege Management)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Motex -> Lanscope an 
Motex -> Lanscope cat client program 
Motex -> Lanscope cat detection agent 
Motex -> Lanscope cat server monitoring agent 

 References:
http://jvn.jp/en/jp/JVN49068796/index.html
https://www.motex.co.jp/news/news_topics/2019/release191202/

Copyright 2024, cxsecurity.com

 

Back to Top