CVE-2017-7552

critical

Description

A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core installation.

References

Advisories
More

https://access.redhat.com/errata/RHSA-2017:2675

https://access.redhat.com/errata/RHSA-2017:2674

https://bugzilla.redhat.com/show_bug.cgi?id=1477797

Details

Source: Mitre, NVD

Published: 2017-09-29

Updated: 2025-04-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.0041