Vulnerability Description
AdRem NetCrunch 10.6.0.4587 has an Improper Session Handling vulnerability in the NetCrunch web client, which can lead to an authentication bypass or escalation of privileges.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adremsoft | Netcrunch | <= 11.0.0.5282 |
Related Weaknesses (CWE)
References
- https://compass-security.com/fileadmin/Research/Advisories/2020-14_CSNC-2019-015ExploitTechnical DescriptionThird Party Advisory
- https://www.adremsoft.com/support/Product
- https://compass-security.com/fileadmin/Research/Advisories/2020-14_CSNC-2019-015ExploitTechnical DescriptionThird Party Advisory
- https://www.adremsoft.com/support/Product
FAQ
What is CVE-2019-14480?
CVE-2019-14480 is a vulnerability with a CVSS score of 9.8 (CRITICAL). AdRem NetCrunch 10.6.0.4587 has an Improper Session Handling vulnerability in the NetCrunch web client, which can lead to an authentication bypass or escalation of privileges.
How severe is CVE-2019-14480?
CVE-2019-14480 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-14480?
Check the references section above for vendor advisories and patch information. Affected products include: Adremsoft Netcrunch.