← Voltar para CVEs

CVE-2020-11733

MEDIUM

6.7

Descricao

An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware. An attacker, who already has access to an SSH restricted shell, can achieve root access via shell metacharacters. The attacker can then, for example, read sensitive files such as appliance admin configuration source code. This affects Spirent TestCenter and Avalanche products which chassis version <= 5.08. The SSH restricted shell is available with default credentials.

Detalhes CVE

Pontuacao CVSS v3.16.7

SeveridadeMEDIUM

Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueLOCAL

ComplexidadeLOW

Privilegios necessariosHIGH

Interacao do usuarioNONE

Publicado8/13/2020

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

spirent:avalanchespirent:c100-mpspirent:testcenter

Fraquezas (CWE)

CWE-78

Referencias

https://gist.github.com/a05110511t/65d07bc776d7c11b4ccf112a09cca4ab(cve@mitre.org)

https://github.com/a05110511t/CVE/blob/master/CVE-2020-11733.md(cve@mitre.org)

https://gist.github.com/a05110511t/65d07bc776d7c11b4ccf112a09cca4ab(af854a3a-2127-422b-91ae-364da2661108)

https://github.com/a05110511t/CVE/blob/master/CVE-2020-11733.md(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.