Vulnerability-Lookup

CVE-2018-1162 (GCVE-0-2018-1162)

Vulnerability from cvelistv5 – Published: 2018-02-08 18:00 – Updated: 2024-08-05 03:51

Summary

This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within the handling of Export requests. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to arbitrarily overwrite files resulting in a denial-of-service condition. Was ZDI-CAN-4222.

Severity ?

No CVSS data available.

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

zdi

References

URL

Tags

https://zerodayinitiative.com/advisories/ZDI-18-005

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Quest	Quest NetVault Backup	Affected: 11.2.0.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:51:48.995Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://zerodayinitiative.com/advisories/ZDI-18-005"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Quest NetVault Backup",
          "vendor": "Quest",
          "versions": [
            {
              "status": "affected",
              "version": "11.2.0.13"
            }
          ]
        }
      ],
      "datePublic": "2018-01-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within the handling of Export requests. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to arbitrarily overwrite files resulting in a denial-of-service condition. Was ZDI-CAN-4222."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22-Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-08T17:57:01.000Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://zerodayinitiative.com/advisories/ZDI-18-005"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "zdi-disclosures@trendmicro.com",
          "ID": "CVE-2018-1162",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Quest NetVault Backup",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.2.0.13"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Quest"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within the handling of Export requests. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to arbitrarily overwrite files resulting in a denial-of-service condition. Was ZDI-CAN-4222."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22-Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://zerodayinitiative.com/advisories/ZDI-18-005",
              "refsource": "MISC",
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-005"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2018-1162",
    "datePublished": "2018-02-08T18:00:00.000Z",
    "dateReserved": "2017-12-05T00:00:00.000Z",
    "dateUpdated": "2024-08-05T03:51:48.995Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-FQP8-3VV8-7R5J

Vulnerability from github – Published: 2022-05-13 01:33 – Updated: 2022-05-13 01:33

Details

Severity ?

8.1 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-1162"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-08T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within the handling of Export requests. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to arbitrarily overwrite files resulting in a denial-of-service condition. Was ZDI-CAN-4222.",
  "id": "GHSA-fqp8-3vv8-7r5j",
  "modified": "2022-05-13T01:33:28Z",
  "published": "2022-05-13T01:33:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1162"
    },
    {
      "type": "WEB",
      "url": "https://zerodayinitiative.com/advisories/ZDI-18-005"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2018-1162

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-1162

Aliases

CVE-2018-1162

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-1162",
    "description": "This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within the handling of Export requests. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to arbitrarily overwrite files resulting in a denial-of-service condition. Was ZDI-CAN-4222.",
    "id": "GSD-2018-1162"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-1162"
      ],
      "details": "This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within the handling of Export requests. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to arbitrarily overwrite files resulting in a denial-of-service condition. Was ZDI-CAN-4222.",
      "id": "GSD-2018-1162",
      "modified": "2023-12-13T01:22:36.851404Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "zdi-disclosures@trendmicro.com",
        "ID": "CVE-2018-1162",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Quest NetVault Backup",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "11.2.0.13"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Quest"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within the handling of Export requests. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to arbitrarily overwrite files resulting in a denial-of-service condition. Was ZDI-CAN-4222."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-22-Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://zerodayinitiative.com/advisories/ZDI-18-005",
            "refsource": "MISC",
            "url": "https://zerodayinitiative.com/advisories/ZDI-18-005"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:quest:netvault_backup:11.2.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "zdi-disclosures@trendmicro.com",
          "ID": "CVE-2018-1162"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within the handling of Export requests. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to arbitrarily overwrite files resulting in a denial-of-service condition. Was ZDI-CAN-4222."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://zerodayinitiative.com/advisories/ZDI-18-005",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-005"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "NONE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 9.2,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.2
        }
      },
      "lastModifiedDate": "2019-10-09T23:38Z",
      "publishedDate": "2018-02-08T18:29Z"
    }
  }
}

CNVD-2018-03784

Vulnerability from cnvd - Published: 2018-02-28

Title

Quest NetVault Backup拒绝服务漏洞

Description

Quest NetVault Backup是一款可扩展的数据备份和恢复解决方案，适用于具有多种IT环境的企业。 Quest NetVault Backup 11.2.0.13中Export请求的处理存在拒绝服务漏洞。该漏洞产生的原因是在将用户提供的路径用于文件操作之前未对路径进行适当的验证。攻击者可利用该漏洞任意覆盖文件，从而可导致拒绝服务。

Severity

高

Patch Name

Quest NetVault Backup拒绝服务漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://zerodayinitiative.com/advisories/ZDI-18-005/

Reference

https://zerodayinitiative.com/advisories/ZDI-18-005/

Impacted products

Name
Quest NetVault Backup 11.2.0.13

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-1162"
    }
  },
  "description": "Quest NetVault Backup\u662f\u4e00\u6b3e\u53ef\u6269\u5c55\u7684\u6570\u636e\u5907\u4efd\u548c\u6062\u590d\u89e3\u51b3\u65b9\u6848\uff0c\u9002\u7528\u4e8e\u5177\u6709\u591a\u79cdIT\u73af\u5883\u7684\u4f01\u4e1a\u3002\r\n\r\nQuest NetVault Backup 11.2.0.13\u4e2dExport\u8bf7\u6c42\u7684\u5904\u7406\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4ea7\u751f\u7684\u539f\u56e0\u662f\u5728\u5c06\u7528\u6237\u63d0\u4f9b\u7684\u8def\u5f84\u7528\u4e8e\u6587\u4ef6\u64cd\u4f5c\u4e4b\u524d\u672a\u5bf9\u8def\u5f84\u8fdb\u884c\u9002\u5f53\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4efb\u610f\u8986\u76d6\u6587\u4ef6\uff0c\u4ece\u800c\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "rgod",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://zerodayinitiative.com/advisories/ZDI-18-005/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-03784",
  "openTime": "2018-02-28",
  "patchDescription": "Quest NetVault Backup\u662f\u4e00\u6b3e\u53ef\u6269\u5c55\u7684\u6570\u636e\u5907\u4efd\u548c\u6062\u590d\u89e3\u51b3\u65b9\u6848\uff0c\u9002\u7528\u4e8e\u5177\u6709\u591a\u79cdIT\u73af\u5883\u7684\u4f01\u4e1a\u3002\r\n\r\nQuest NetVault Backup 11.2.0.13\u4e2dExport\u8bf7\u6c42\u7684\u5904\u7406\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4ea7\u751f\u7684\u539f\u56e0\u662f\u5728\u5c06\u7528\u6237\u63d0\u4f9b\u7684\u8def\u5f84\u7528\u4e8e\u6587\u4ef6\u64cd\u4f5c\u4e4b\u524d\u672a\u5bf9\u8def\u5f84\u8fdb\u884c\u9002\u5f53\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4efb\u610f\u8986\u76d6\u6587\u4ef6\uff0c\u4ece\u800c\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Quest NetVault Backup\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Quest NetVault Backup 11.2.0.13"
  },
  "referenceLink": "https://zerodayinitiative.com/advisories/ZDI-18-005/",
  "serverity": "\u9ad8",
  "submitTime": "2018-02-09",
  "title": "Quest NetVault Backup\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

FKIE_CVE-2018-1162

Vulnerability from fkie_nvd - Published: 2018-02-08 18:29 - Updated: 2024-11-21 03:59

Severity ?

8.1 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Summary

References

	URL	Tags
	zdi-disclosures@trendmicro.com	https://zerodayinitiative.com/advisories/ZDI-18-005	Third Party Advisory, VDB Entry
	af854a3a-2127-422b-91ae-364da2661108	https://zerodayinitiative.com/advisories/ZDI-18-005	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	quest	netvault_backup	11.2.0.13

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:quest:netvault_backup:11.2.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C12817-69AE-4931-B9F2-E36693F7980C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup 11.2.0.13. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within the handling of Export requests. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to arbitrarily overwrite files resulting in a denial-of-service condition. Was ZDI-CAN-4222."
    },
    {
      "lang": "es",
      "value": "Esta vulnerabilidad permite que los atacantes remotos creen una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en instalaciones vulnerables de Quest NetVault Backup 11.2.0.13. Aunque se requiere autenticaci\u00f3n para explotar esta vulnerabilidad, el mecanismo de autenticaci\u00f3n existente se puede omitir f\u00e1cilmente. Este error en concreto existe en la gesti\u00f3n de peticiones Export. El problema deriva de la falta de validaci\u00f3n correcta de una ruta proporcionada por el usuario antes de emplearla en operaciones de archivo. Un atacante puede aprovechar la vulnerabilidad para sobrescribir archivos arbitrariamente, lo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Anteriormente era ZDI-CAN-4222."
    }
  ],
  "id": "CVE-2018-1162",
  "lastModified": "2024-11-21T03:59:18.770",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 9.2,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-02-08T18:29:01.353",
  "references": [
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://zerodayinitiative.com/advisories/ZDI-18-005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://zerodayinitiative.com/advisories/ZDI-18-005"
    }
  ],
  "sourceIdentifier": "zdi-disclosures@trendmicro.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "zdi-disclosures@trendmicro.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-1162 (GCVE-0-2018-1162)

GHSA-FQP8-3VV8-7R5J

GSD-2018-1162

CNVD-2018-03784

FKIE_CVE-2018-1162

Tags

Sightings

Nomenclature