CVE-2017-20025
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Flash Memory. The manipulation leads to privilege escalation. The attack can be launched remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.
Affected (16)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.8.4-56 |
| Running on/with | Platform Versions |
|---|---|
Solar Log Solar Log 250 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.8.4-56 |
| Running on/with | Platform Versions |
|---|---|
Solar Log Solar Log 300 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.8.4-56 |
| Running on/with | Platform Versions |
|---|---|
Solar Log Solar Log 500 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.8.4-56 |
| Running on/with | Platform Versions |
|---|---|
Solar Log Solar Log 800e | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.8.4-56 |
| Running on/with | Platform Versions |
|---|---|
Solar Log Solar Log 1000 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.8.4-56 |
| Running on/with | Platform Versions |
|---|---|
Solar Log Solar Log 1000 Pm+ | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.8.4-56 |
| Running on/with | Platform Versions |
|---|---|
Solar Log Solar Log 1200 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.8.4-56 |
| Running on/with | Platform Versions |
|---|---|
Solar Log Solar Log 2000 | All versions |
References (4)
Source: cna@vuldb.com
ExploitMailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMailing ListThird Party Advisory
Timeline
No history available yet.