10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.974 High
EPSS
Percentile
99.9%
This update for flash-player fixes the following issues :
Security update to 11.2.202.621 (bsc#979422) :
APSA16-02, APSB16-15, CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103, CVE-2016-1104, CVE-2016-1105, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4109, CVE-2016-4110, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4116, CVE-2016-4117
The following CVEs got fixed during the previous release, but got published afterwards :
APSA16-01, APSB16-10, CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013, CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017, CVE-2016-1018, CVE-2016-1019, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1030, CVE-2016-1031, CVE-2016-1032, CVE-2016-1033
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2016:1305-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(91217);
script_version("2.16");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/08");
script_cve_id(
"CVE-2016-1006",
"CVE-2016-1011",
"CVE-2016-1012",
"CVE-2016-1013",
"CVE-2016-1014",
"CVE-2016-1015",
"CVE-2016-1016",
"CVE-2016-1017",
"CVE-2016-1018",
"CVE-2016-1019",
"CVE-2016-1020",
"CVE-2016-1021",
"CVE-2016-1022",
"CVE-2016-1023",
"CVE-2016-1024",
"CVE-2016-1025",
"CVE-2016-1026",
"CVE-2016-1027",
"CVE-2016-1028",
"CVE-2016-1029",
"CVE-2016-1030",
"CVE-2016-1031",
"CVE-2016-1032",
"CVE-2016-1033",
"CVE-2016-1096",
"CVE-2016-1097",
"CVE-2016-1098",
"CVE-2016-1099",
"CVE-2016-1100",
"CVE-2016-1101",
"CVE-2016-1102",
"CVE-2016-1103",
"CVE-2016-1104",
"CVE-2016-1105",
"CVE-2016-1106",
"CVE-2016-1107",
"CVE-2016-1108",
"CVE-2016-1109",
"CVE-2016-1110",
"CVE-2016-4108",
"CVE-2016-4109",
"CVE-2016-4110",
"CVE-2016-4111",
"CVE-2016-4112",
"CVE-2016-4113",
"CVE-2016-4114",
"CVE-2016-4115",
"CVE-2016-4116",
"CVE-2016-4117"
);
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/03/24");
script_name(english:"SUSE SLED12 Security Update : flash-player (SUSE-SU-2016:1305-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"This update for flash-player fixes the following issues :
- Security update to 11.2.202.621 (bsc#979422) :
- APSA16-02, APSB16-15, CVE-2016-1096, CVE-2016-1097,
CVE-2016-1098, CVE-2016-1099, CVE-2016-1100,
CVE-2016-1101, CVE-2016-1102, CVE-2016-1103,
CVE-2016-1104, CVE-2016-1105, CVE-2016-1106,
CVE-2016-1107, CVE-2016-1108, CVE-2016-1109,
CVE-2016-1110, CVE-2016-4108, CVE-2016-4109,
CVE-2016-4110, CVE-2016-4111, CVE-2016-4112,
CVE-2016-4113, CVE-2016-4114, CVE-2016-4115,
CVE-2016-4116, CVE-2016-4117
- The following CVEs got fixed during the previous
release, but got published afterwards :
- APSA16-01, APSB16-10, CVE-2016-1006, CVE-2016-1011,
CVE-2016-1012, CVE-2016-1013, CVE-2016-1014,
CVE-2016-1015, CVE-2016-1016, CVE-2016-1017,
CVE-2016-1018, CVE-2016-1019, CVE-2016-1020,
CVE-2016-1021, CVE-2016-1022, CVE-2016-1023,
CVE-2016-1024, CVE-2016-1025, CVE-2016-1026,
CVE-2016-1027, CVE-2016-1028, CVE-2016-1029,
CVE-2016-1030, CVE-2016-1031, CVE-2016-1032,
CVE-2016-1033
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=979422");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1006/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1011/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1012/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1013/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1014/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1015/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1016/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1017/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1018/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1019/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1020/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1021/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1022/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1023/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1024/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1025/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1026/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1027/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1028/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1029/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1030/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1031/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1032/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1033/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1096/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1097/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1098/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1099/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1100/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1101/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1102/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1103/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1104/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1105/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1106/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1107/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1108/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1109/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-1110/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-4108/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-4109/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-4110/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-4111/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-4112/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-4113/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-4114/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-4115/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-4116/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2016-4117/");
# https://www.suse.com/support/update/announcement/2016/suse-su-20161305-1/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e82b824a");
script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Workstation Extension 12-SP1 :
zypper in -t patch SUSE-SLE-WE-12-SP1-2016-772=1
SUSE Linux Enterprise Workstation Extension 12 :
zypper in -t patch SUSE-SLE-WE-12-2016-772=1
SUSE Linux Enterprise Desktop 12-SP1 :
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-772=1
SUSE Linux Enterprise Desktop 12 :
zypper in -t patch SUSE-SLE-DESKTOP-12-2016-772=1
To bring your system up-to-date, use 'zypper patch'.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player DeleteRangeTimelineOperation Type-Confusion');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/04/07");
script_set_attribute(attribute:"patch_publication_date", value:"2016/05/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/05/18");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:flash-player");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:flash-player-gnome");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLED12" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP0/1", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"flash-player-11.2.202.621-130.1")) flag++;
if (rpm_check(release:"SLED12", sp:"1", cpu:"x86_64", reference:"flash-player-gnome-11.2.202.621-130.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"flash-player-11.2.202.621-130.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"flash-player-gnome-11.2.202.621-130.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player");
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | flash-player | p-cpe:/a:novell:suse_linux:flash-player |
novell | suse_linux | flash-player-gnome | p-cpe:/a:novell:suse_linux:flash-player-gnome |
novell | suse_linux | 12 | cpe:/o:novell:suse_linux:12 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1006
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1011
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1012
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1013
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1014
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1015
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1016
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1017
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1018
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1019
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1021
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1022
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1023
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1024
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1025
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1026
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1027
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1028
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1029
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1030
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1031
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1032
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1033
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1097
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1098
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1099
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1100
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1101
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1102
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1103
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1104
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1106
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1107
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4115
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4116
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4117
www.nessus.org/u?e82b824a
bugzilla.suse.com/show_bug.cgi?id=979422
www.suse.com/security/cve/CVE-2016-1006/
www.suse.com/security/cve/CVE-2016-1011/
www.suse.com/security/cve/CVE-2016-1012/
www.suse.com/security/cve/CVE-2016-1013/
www.suse.com/security/cve/CVE-2016-1014/
www.suse.com/security/cve/CVE-2016-1015/
www.suse.com/security/cve/CVE-2016-1016/
www.suse.com/security/cve/CVE-2016-1017/
www.suse.com/security/cve/CVE-2016-1018/
www.suse.com/security/cve/CVE-2016-1019/
www.suse.com/security/cve/CVE-2016-1020/
www.suse.com/security/cve/CVE-2016-1021/
www.suse.com/security/cve/CVE-2016-1022/
www.suse.com/security/cve/CVE-2016-1023/
www.suse.com/security/cve/CVE-2016-1024/
www.suse.com/security/cve/CVE-2016-1025/
www.suse.com/security/cve/CVE-2016-1026/
www.suse.com/security/cve/CVE-2016-1027/
www.suse.com/security/cve/CVE-2016-1028/
www.suse.com/security/cve/CVE-2016-1029/
www.suse.com/security/cve/CVE-2016-1030/
www.suse.com/security/cve/CVE-2016-1031/
www.suse.com/security/cve/CVE-2016-1032/
www.suse.com/security/cve/CVE-2016-1033/
www.suse.com/security/cve/CVE-2016-1096/
www.suse.com/security/cve/CVE-2016-1097/
www.suse.com/security/cve/CVE-2016-1098/
www.suse.com/security/cve/CVE-2016-1099/
www.suse.com/security/cve/CVE-2016-1100/
www.suse.com/security/cve/CVE-2016-1101/
www.suse.com/security/cve/CVE-2016-1102/
www.suse.com/security/cve/CVE-2016-1103/
www.suse.com/security/cve/CVE-2016-1104/
www.suse.com/security/cve/CVE-2016-1105/
www.suse.com/security/cve/CVE-2016-1106/
www.suse.com/security/cve/CVE-2016-1107/
www.suse.com/security/cve/CVE-2016-1108/
www.suse.com/security/cve/CVE-2016-1109/
www.suse.com/security/cve/CVE-2016-1110/
www.suse.com/security/cve/CVE-2016-4108/
www.suse.com/security/cve/CVE-2016-4109/
www.suse.com/security/cve/CVE-2016-4110/
www.suse.com/security/cve/CVE-2016-4111/
www.suse.com/security/cve/CVE-2016-4112/
www.suse.com/security/cve/CVE-2016-4113/
www.suse.com/security/cve/CVE-2016-4114/
www.suse.com/security/cve/CVE-2016-4115/
www.suse.com/security/cve/CVE-2016-4116/
www.suse.com/security/cve/CVE-2016-4117/
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.974 High
EPSS
Percentile
99.9%