CVE-2018-17888

NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution.
References
Link Resource
https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02 Patch Third Party Advisory
http://www.securityfocus.com/bid/105717 Third Party Advisory VDB Entry
Configurations

Configuration 1

cpe:2.3:a:nuuo:nuuo_cms:*:*:*:*:*:*:*:*

Information

Published : 2018-10-12 02:29

Updated : 2019-10-09 11:36


NVD link : CVE-2018-17888

Mitre link : CVE-2018-17888

Products Affected
No products.
CWE