CVE-2017-7552

critical

Description

A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core installation.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1477797

https://access.redhat.com/errata/RHSA-2017:2675

https://access.redhat.com/errata/RHSA-2017:2674

Details

Source: Mitre, NVD

Published: 2017-09-29

Updated: 2019-10-03

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical