cbcvebase.
CVE-2018-9115
published 2018-04-04

CVE-2018-9115: Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the…

PriorityP340medium5.3CVSS 3.0
AVNACLPRNUINSUCNINAL
EXPLOIT
EPSS
6.02%
92.4th percentile
Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to work with that layer.

Affected

4 ranges
VendorProductVersion rangeFixed in
openexropenexr>= 0 < 2.2.0-10ubuntu2.22.2.0-10ubuntu2.2
openexropenexr>= 0 < 2.2.0-11.1ubuntu1.22.2.0-11.1ubuntu1.2
openexropenexr>= 0 < 2.3.0-6ubuntu0.12.3.0-6ubuntu0.1
systematicincsitaware

CVSS provenance

nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.