Overview
- Description
- CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert software when an upgrade bundle is manipulated to include arbitrary bash scripts that are executed as root.
- Source
- cybersecurity@se.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- cybersecurity@se.com
- CWE-347
Social media
- Hype score
- Not currently trending