A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Flash Memory. The manipulation leads to privilege escalation. The attack can be launched remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2017/Mar/58 | Exploit Mailing List Third Party Advisory |
https://vuldb.com/?id.98935 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
17 Jun 2022, 19:09
Type | Values Removed | Values Added |
---|---|---|
First Time |
Solar-log solar-log 800e Firmware
Solar-log solar-log 250 Firmware Solar-log solar-log 1000 Pm\+ Solar-log solar-log 1200 Solar-log solar-log 1000 Solar-log solar-log 500 Solar-log solar-log 300 Solar-log solar-log 300 Firmware Solar-log solar-log 500 Firmware Solar-log solar-log 800e Solar-log solar-log 2000 Solar-log solar-log 250 Solar-log solar-log 2000 Firmware Solar-log solar-log 1000 Pm\+ Firmware Solar-log solar-log 1000 Firmware Solar-log Solar-log solar-log 1200 Firmware |
|
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CPE | cpe:2.3:o:solar-log:solar-log_1000_pm\+_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_2000_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_300:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_250_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_800e:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_500_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_1000_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_2000:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_800e_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_250_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_800e_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_300_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_1200_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_250:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_1000_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_2000_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_300_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_500_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_1000_pm\+:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_1200_firmware:3.5.2-85:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_500:-:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_1000:-:*:*:*:*:*:*:* cpe:2.3:o:solar-log:solar-log_1000_pm\+_firmware:2.8.4-56:*:*:*:*:*:*:* cpe:2.3:h:solar-log:solar-log_1200:-:*:*:*:*:*:*:* |
|
References | (MISC) https://vuldb.com/?id.98935 - Third Party Advisory | |
References | (MISC) http://seclists.org/fulldisclosure/2017/Mar/58 - Exploit, Mailing List, Third Party Advisory |
09 Jun 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-09 23:15
Updated : 2023-12-10 14:22
NVD link : CVE-2017-20025
Mitre link : CVE-2017-20025
CVE.ORG link : CVE-2017-20025
JSON object : View
Products Affected
solar-log
- solar-log_250_firmware
- solar-log_1000_pm\+
- solar-log_500_firmware
- solar-log_1200
- solar-log_2000_firmware
- solar-log_500
- solar-log_2000
- solar-log_1200_firmware
- solar-log_1000
- solar-log_1000_pm\+_firmware
- solar-log_250
- solar-log_1000_firmware
- solar-log_300_firmware
- solar-log_800e_firmware
- solar-log_800e
- solar-log_300
CWE