Vulnerability Details : CVE-2017-7552
A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core installation.
Exploit prediction scoring system (EPSS) score for CVE-2017-7552
Probability of exploitation activity in the next 30 days: 0.24%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 61 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2017-7552
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2017-7552
-
https://access.redhat.com/errata/RHSA-2017:2675
RHSA-2017:2675 - Security Advisory - Red Hat Customer Portal
-
https://access.redhat.com/errata/RHSA-2017:2674
RHSA-2017:2674 - Security Advisory - Red Hat Customer Portal
-
https://bugzilla.redhat.com/show_bug.cgi?id=1477797
1477797 – (CVE-2017-7552) CVE-2017-7552 RHMAP Millicore IDE allows RCE on SCMIssue Tracking
Products affected by CVE-2017-7552
- cpe:2.3:a:redhat:mobile_application_platform:*:*:*:*:*:*:*:*