Lucene search
MitreCVE-2015-4027HistoryDec 17, 2015 - 7:59 p.m.
CVE-2015-4027
2015-12-1719:59:00
CWE-264
mitre
web.nvd.nist.gov
36
cve-2015-4027
acunetix web vulnerability scanner
wvs
privilege escalation
json
local user gain privileges
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0.001
Percentile
26.0%
The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) before 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
Affected configurations
Node
acunetixweb_vulnerability_scannerRange≤10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| acunetix | web_vulnerability_scanner | * | cpe:2.3:a:acunetix:web_vulnerability_scanner:*:*:*:*:*:*:*:* |
Related
checkpoint_advisories
checkpoint_advisories
Acunetix Web Scanner Privilege Escalation (CVE-2015-4027)
2021-03-28 00:00:00
packetstorm
packetstorm
Acunetix WVS 10 Local Privilege Escalation
2015-12-02 00:00:00
cvelist
cvelist
CVE-2015-4027
2015-12-17 19:00:00
exploitpack
exploitpack
Acunetix WVS 10 - Local Privilege Escalation
2015-12-02 00:00:00
exploitdb
exploitdb
Acunetix WVS 10 - Local Privilege Escalation
2015-12-02 00:00:00
nvd
nvd
CVE-2015-4027
2015-12-17 19:59:00
zdt
zdt
Acunetix WVS 10 - Local Privilege Escalation Exploit
2015-12-02 00:00:00
prion
prion
Command injection
2015-12-17 19:59:00
securityvulns
securityvulns
PHP multiple security vulnerabilities
2015-07-13 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0.001
Percentile
26.0%
Related for CVE-2015-4027