CVE-2018-17892
First published: Fri Oct 12 2018(Updated: )
NUUO CMS all versions 3.1 and prior, The application implements a method of user account control that causes standard account security features to not be utilized as intended, which could allow user account compromise and may allow for remote code execution.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nuuo Nuuo Cms | <=3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-17892?
CVE-2018-17892 is considered to be of high severity due to potential user account compromise and the risk of remote code execution.
How do I fix CVE-2018-17892?
To mitigate CVE-2018-17892, upgrade the NUUO CMS to a version higher than 3.1 where the vulnerability is addressed.
What types of systems are affected by CVE-2018-17892?
CVE-2018-17892 affects all versions of NUUO CMS up to and including version 3.1.
What kind of attacks could exploit CVE-2018-17892?
CVE-2018-17892 could be exploited through compromised user accounts, potentially leading to unauthorized access and remote code execution.
Is there a patch available for CVE-2018-17892?
Yes, to address CVE-2018-17892, users should install the latest version of NUUO CMS that contains the necessary security updates.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- agent/author
- agent/remedy
- agent/severity
- agent/weakness
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/nuuo
- canonical/nuuo nuuo cms
- version/nuuo nuuo cms/3.1