CVE-2017-6894 — HIGH (7.8) — White Hats Nepal

Q: How severe is CVE-2017-6894?

CVE-2017-6894 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-6894?

Check the references section above for vendor advisories and patch information. Affected products include: Flexera Flexnet Manager, Flexera Flexnet Manager Suite 2015.

Vulnerability Description

A vulnerability exists in FlexNet Manager Suite releases 2015 R2 SP3 and earlier (including FlexNet Manager Platform 9.2 and earlier) that affects the inventory gathering components and can be exploited by local users to perform certain actions with elevated privileges on the local system.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Flexera	Flexnet Manager	<= 9.2
Flexera	Flexnet Manager Suite 2015	-

Related Weaknesses (CWE)

CWE-269

References

https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/A-vulnerability-Vendor Advisory
https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/A-vulnerability-Vendor Advisory

FAQ

What is CVE-2017-6894?

CVE-2017-6894 is a vulnerability with a CVSS score of 7.8 (HIGH). A vulnerability exists in FlexNet Manager Suite releases 2015 R2 SP3 and earlier (including FlexNet Manager Platform 9.2 and earlier) that affects the inventory gathering components and can be exploit...

How severe is CVE-2017-6894?

CVE-2017-6894 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-6894?

Check the references section above for vendor advisories and patch information. Affected products include: Flexera Flexnet Manager, Flexera Flexnet Manager Suite 2015.