CVE-2019-15131

Published: Sep 17, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. This vulnerability could allow an attacker to create directories and save files on Code42 servers, which could potentially lead to code execution.

Affected (3)

Products: Code42: Code42

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Code42 Code42	Up to 6.7.5
Code42 Code42	From 6.8.4 to 6.8.8
Code42 Code42	Version 7.0.0

Related CWEs

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (4)

https://code42.com/r/support/CVE-2019-15131

Source: cve@mitre.org

Vendor Advisory

https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_security_advisories

Source: cve@mitre.org

Vendor Advisory

https://code42.com/r/support/CVE-2019-15131

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_security_advisories

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.