CVE-2017-20018

A vulnerability was found in XAMPP 7.1.1-0-VC14. It has been classified as problematic. Affected is an unknown function of the component Installer. The manipulation leads to privilege escalation. It is possible to launch the attack remotely.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
VulDBCNA
6.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
apachefriendsxampp
7.1.1-0-vc14
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://packetstormsecurity.com/files/142406/xampp-dllhijack.txt
https://vuldb.com/?id.100950
https://packetstormsecurity.com/files/142406/xampp-dllhijack.txt
https://vuldb.com/?id.100950