Vulnerability Description
The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains a Information Exposure Through Sent Data vulnerability in OMERO.server that can result in an Attacker gaining full administrative access to server and may be able to disable it. This vulnerability appears to have been fixed in 5.4.7.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openmicroscopy | Omero | >= 5.4.0, <= 5.4.6 |
Related Weaknesses (CWE)
References
- https://www.openmicroscopy.org/2018/07/26/omero-5-4-7.htmlPatchVendor Advisory
- https://www.openmicroscopy.org/security/advisories/2018-SV2-script-name-uuid/Vendor Advisory
- https://www.openmicroscopy.org/2018/07/26/omero-5-4-7.htmlPatchVendor Advisory
- https://www.openmicroscopy.org/security/advisories/2018-SV2-script-name-uuid/Vendor Advisory
FAQ
What is CVE-2018-1000635?
CVE-2018-1000635 is a vulnerability with a CVSS score of 6.7 (MEDIUM). The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains a Information Exposure Through Sent Data vulnerability in OMERO.server that can result in an Attacker gaining full administ...
How severe is CVE-2018-1000635?
CVE-2018-1000635 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-1000635?
Check the references section above for vendor advisories and patch information. Affected products include: Openmicroscopy Omero.