CVE-2010-4099

ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the Request parameter to ess.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
nitrosecuritynitroview_esm_software
8.4.0a:a
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.exploit-db.com/exploits/15318
http://www.securityfocus.com/bid/44421
http://www.securitytracker.com/id?1024639
https://exchange.xforce.ibmcloud.com/vulnerabilities/62768
http://www.exploit-db.com/exploits/15318
http://www.securityfocus.com/bid/44421
http://www.securitytracker.com/id?1024639
https://exchange.xforce.ibmcloud.com/vulnerabilities/62768