CVE-2019-6026

Privilege escalation vulnerability in Multiple MOTEX products (LanScope Cat client program (MR) and LanScope Cat client program (MR)LanScope Cat detection agent (DA) prior to Ver.9.2.1.0, LanScope Cat server monitoring agent (SA, SAE) prior to Ver.9.2.2.0, LanScope An prior to Ver 2.7.7.0 (LanScope An 2 series), and LanScope An prior to Ver 3.0.8.1 (LanScope An 3 series)) allow authenticated attackers to obtain unauthorized privileges and execute arbitrary code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
motexlanscope_an
2.0.0.0 ≤
𝑥
< 2.7.7.0
motexlanscope_an
3.0.0.0 ≤
𝑥
< 3.0.8.1
motexlanscope_cat_client_program
𝑥
< 8.4.3.2
motexlanscope_cat_client_program
9.0.0.0 ≤
𝑥
≤ 9.0.1.9
motexlanscope_cat_client_program
9.1.0.0 ≤
𝑥
≤ 9.1.0.8
motexlanscope_cat_client_program
9.2.0.0 ≤
𝑥
≤ 9.2.0.3
motexlanscope_cat_detection_agent
𝑥
< 8.4.3.2
motexlanscope_cat_detection_agent
9.0.0.0 ≤
𝑥
≤ 9.0.1.9
motexlanscope_cat_detection_agent
9.1.0.0 ≤
𝑥
≤ 9.1.0.8
motexlanscope_cat_detection_agent
9.2.0.0 ≤
𝑥
≤ 9.2.0.3
motexlanscope_cat_server_monitoring_agent
𝑥
< 9.2.2.0
𝑥
= Vulnerable software versions
References
http://jvn.jp/en/jp/JVN49068796/index.html
https://www.motex.co.jp/news/news_topics/2019/release191202/
http://jvn.jp/en/jp/JVN49068796/index.html
https://www.motex.co.jp/news/news_topics/2019/release191202/