CVE-2018-15573

CVE-2018-15573

** DISPUTED ** An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata parameter and a pathname in the lf parameter. By default, the web interface is on port 5054, and does not require authentication. NOTE: the vendor has stated "We do not consider this a vulnerability."

Source: CVE-2018-15573

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다