Comparex Miss Marple vulnerabilities
2 known vulnerabilities affecting comparex/miss_marple.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2018-19234P2HIGHCVSS 8.8fixed in 2.02018-12-20
CVE-2018-19234 [HIGH] CWE-494 CVE-2018-19234: The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote
The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation.
nvd
CVE-2018-19233P3HIGHCVSS 7.8fixed in 2.02018-12-20
CVE-2018-19233 [HIGH] CWE-798 CVE-2018-19233: COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by r
COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file.
nvd