Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.
History

Wed, 06 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:wellchoose:administrative_management_system:*:*:*:*:*:*:*:*
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 24 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Wellchoose
Wellchoose administrative Management System
CPEs cpe:2.3:a:wellchoose:administrative_management_system:-:*:*:*:*:*:*:*
Vendors & Products Wellchoose
Wellchoose administrative Management System

Mon, 21 Oct 2024 03:45:00 +0000

Type Values Removed Values Added
Description Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.
Title Wellchoose Administrative Management System - OS Command Injection
Weaknesses CWE-78
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2024-10-21T03:19:59.864Z

Updated: 2024-11-06T15:50:46.778Z

Reserved: 2024-10-21T02:32:50.889Z

Link: CVE-2024-10202

cve-icon Vulnrichment

Updated: 2024-10-21T13:11:43.378Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-21T04:15:03.900

Modified: 2024-10-24T13:55:46.110

Link: CVE-2024-10202

cve-icon Redhat

No data.