Vulnerability Description
NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nuuo | Nuuo Cms | <= 3.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105717Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/105717Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02PatchThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2018-17890?
CVE-2018-17890 is a vulnerability with a CVSS score of 9.8 (CRITICAL). NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution.
How severe is CVE-2018-17890?
CVE-2018-17890 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-17890?
Check the references section above for vendor advisories and patch information. Affected products include: Nuuo Nuuo Cms.