← voltar
CVE-2019-7323

CVE-2019-7323

EPSS 1.1%
GUP (generic update process) in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. The update process relies on cleartext HTTP. The attacker could replace the LogMXUpdater.class file.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bmantra.github.io/logmx/logmx.htmlhttps://github.com/bmantra/bmantra.github.io/blob/master/logmx/logmx.htmlhttps://logmx.com/download