CVE-2019-7711

EUVD-2019-17243
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the (user controlled) shell's prompt value, which is used as a format string input to printf, resulting in an information leak of memory addresses.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
Affected Products (NVD)
VendorProductVersion
ghsintegrity_rtos
5.0.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/bl4ckic3/GHS-Bugs
https://www.ghs.com/products/rtos/integrity.html
https://github.com/bl4ckic3/GHS-Bugs
https://www.ghs.com/products/rtos/integrity.html