VDB-98932 · CVE-2017-20022 · GCVE-100-98932

Solare Solar-Log 2.8.4-56/3.5.2-85 Bayani fitowa

Gaskiya vulnerability da aka ware a matsayin karshewa an samu a Solare Solar-Log 2.8.4-56/3.5.2-85. Hakika, aikin $software_function ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil $software_file, a cikin sashen $software_component. A sa manipulation ka Bayani fitowa. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-200. Hakika, rauni an bayyana shi 03/22/2017 daga T. Weber tare da SEC Consult Vulnerability Lab kamar SEC Consult SA-20170322-0 :: Multiple vulnerabilities in Solare Datensysteme Solar-Log devices kamar Mailinglist Post (Full-Disclosure). An raba bayanin tsaro don saukewa a seclists.org. Vendor an kaɗi, public release an kaɗi. Wannan matsala ana saninta da CVE-2017-20022. Ngam yiɗi ka a tuma ndiyam ka internet. Tekinikal faɗi ba ga. Babu exploit ɗin da ake samu. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á sàmbu a wondi feere. 0-day shima, an ndiyam a wuro be $0-$5k. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a faggata. Once again VulDB remains the best source for vulnerability data.

6 Goyarwa · 92 Datenpunkte

Furɗe	Gargadi 1/5 08/23/2020 10:38	Gargadi 2/5 06/05/2022 09:34	Gargadi 3/5 11/22/2022 13:53	Gargadi 4/5 11/22/2022 13:58	Gargadi 5/5 04/15/2025 16:43
software_vendor	Solare	Solare	Solare	Solare	Solare
software_name	Solar-Log	Solar-Log	Solar-Log	Solar-Log	Solar-Log
software_version	2.8.4-56/3.5.2-85	2.8.4-56/3.5.2-85	2.8.4-56/3.5.2-85	2.8.4-56/3.5.2-85	2.8.4-56/3.5.2-85
vulnerability_risk	1	1	1	1	1
vulnerability_historic	0	0	0	0	0
cvss2_vuldb_tempscore	0.0
cvss2_vuldb_av	N	N	N	N	N
cvss2_vuldb_ac	M	M	M	M	M
cvss2_vuldb_ci	N	N	N	N	N
cvss2_vuldb_ii	N	N	N	N	N
cvss2_vuldb_ai	N	N	N	N	N
cvss3_meta_basescore	2.9	2.9	2.9	4.4	4.4
cvss3_meta_tempscore	2.8	2.8	2.8	4.4	4.4
cvss3_vuldb_basescore	2.9	2.9	2.9	2.9	2.9
cvss3_vuldb_tempscore	2.8	2.8	2.8	2.8	2.8
cvss3_vuldb_av	N	N	N	N	N
cvss3_vuldb_ac	L	L	L	L	L
cvss3_vuldb_ui	N	N	N	N	N
cvss3_vuldb_s	U	U	U	U	U
cvss3_vuldb_c	N	N	N	N	N
cvss3_vuldb_i	N	N	N	N	N
cvss3_vuldb_a	N	N	N	N	N
advisory_date	1490140800 (03/22/2017)	1490140800 (03/22/2017)	1490140800 (03/22/2017)	1490140800 (03/22/2017)	1490140800 (03/22/2017)
advisory_location	Full-Disclosure	Full-Disclosure	Full-Disclosure	Full-Disclosure	Full-Disclosure
advisory_type	Mailinglist Post	Mailinglist Post	Mailinglist Post	Mailinglist Post	Mailinglist Post
advisory_url	http://seclists.org/fulldisclosure/2017/Mar/58	http://seclists.org/fulldisclosure/2017/Mar/58	http://seclists.org/fulldisclosure/2017/Mar/58	http://seclists.org/fulldisclosure/2017/Mar/58	http://seclists.org/fulldisclosure/2017/Mar/58
advisory_identifier	SEC Consult SA-20170322-0 :: Multiple vulnerabilities in Solare Datensysteme Solar-Log devices	SEC Consult SA-20170322-0 :: Multiple vulnerabilities in Solare Datensysteme Solar-Log devices	SEC Consult SA-20170322-0 :: Multiple vulnerabilities in Solare Datensysteme Solar-Log devices	SEC Consult SA-20170322-0 :: Multiple vulnerabilities in Solare Datensysteme Solar-Log devices	SEC Consult SA-20170322-0 :: Multiple vulnerabilities in Solare Datensysteme Solar-Log devices
advisory_coordination	1	1	1	1	1
person_name	T. Weber	T. Weber	T. Weber	T. Weber	T. Weber
company_name	SEC Consult Vulnerability Lab	SEC Consult Vulnerability Lab	SEC Consult Vulnerability Lab	SEC Consult Vulnerability Lab	SEC Consult Vulnerability Lab
advisory_disputed	0	0	0	0	0
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k	$0-$5k
countermeasure_name	Gargajiya	Gargajiya	Gargajiya	Gargajiya	Gargajiya
upgrade_version	3.5.3-86	3.5.3-86	3.5.3-86	3.5.3-86	3.5.3-86
source_seealso	98929 98930 98931 98933 98934 98935	98929 98930 98931 98933 98934 98935	98929 98930 98931 98933 98934 98935	98929 98930 98931 98933 98934 98935	98929 98930 98931 98933 98934 98935
cvss2_vuldb_e	ND	ND	ND	ND	ND
cvss2_vuldb_rl	OF	OF	OF	OF	OF
cvss2_vuldb_rc	C	C	C	C	C
cvss3_vuldb_e	X	X	X	X	X
cvss3_vuldb_rl	O	O	O	O	O
cvss3_vuldb_rc	C	C	C	C	C
cvss2_vuldb_au	S	S	S	S	S
cvss3_vuldb_pr	L	L	L	L	L
vulnerability_cwe	CWE-200 (Bayani fitowa)	CWE-200 (Bayani fitowa)	CWE-200 (Bayani fitowa)	CWE-200 (Bayani fitowa)	CWE-200 (Bayani fitowa)
source_cve		CVE-2017-20022	CVE-2017-20022	CVE-2017-20022	CVE-2017-20022
cna_responsible		VulDB	VulDB	VulDB	VulDB
cve_assigned			1654380000 (06/05/2022)	1654380000 (06/05/2022)	1654380000 (06/05/2022)
cve_nvd_summary			A vulnerability has been found in Solare Solar-Log 2.8.4-56/3.5.2-85 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.	A vulnerability has been found in Solare Solar-Log 2.8.4-56/3.5.2-85 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.	A vulnerability has been found in Solare Solar-Log 2.8.4-56/3.5.2-85 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.
cvss3_nvd_av				N	N
cvss3_nvd_ac				L	L
cvss3_nvd_pr				N	N
cvss3_nvd_ui				N	N
cvss3_nvd_s				U	U
cvss3_nvd_c				H	H
cvss3_nvd_i				N	N
cvss3_nvd_a				N	N
cvss2_nvd_av				N	N
cvss2_nvd_ac				L	L
cvss2_nvd_au				N	N
cvss2_nvd_ci				P	P
cvss2_nvd_ii				N	N
cvss2_nvd_ai				N	N
cvss3_cna_av				N	N
cvss3_cna_ac				L	L
cvss3_cna_pr				L	L
cvss3_cna_ui				N	N
cvss3_cna_s				U	U
cvss3_cna_c				N	N
cvss3_cna_i				N	N
cvss3_cna_a				N	N
cve_cna				VulDB	VulDB
cvss2_nvd_basescore				5.0	5.0
cvss3_nvd_basescore				7.5	7.5
cvss3_cna_basescore				2.9	2.9
cve_nvd_summaryes					Se ha encontrado una vulnerabilidad en Solare Solar-Log 2.8.4-56/3.5.2-85 y ha sido clasificada como problemática. Esta vulnerabilidad afecta a un código desconocido. La manipulación conlleva a una divulgación de información. El ataque puede iniciarse de forma remota. La actualización a versión 3.5.3-86 puede abordar este problema. Es recomendado actualizar el componente afectado
cvss4_vuldb_av					N
cvss4_vuldb_ac					L
cvss4_vuldb_pr					L
cvss4_vuldb_ui					N
cvss4_vuldb_vc					N
cvss4_vuldb_vi					N
cvss4_vuldb_va					N
cvss4_vuldb_e					X
cvss4_vuldb_at					N
cvss4_vuldb_sc					N
cvss4_vuldb_si					N
cvss4_vuldb_sa					N

◂ Gurɗo Gumti Gada ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!