CVE-2018-13140
Antidote 9.5.1 Code Execution
Severity Score
8.1
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages.
Druide Antidote hasta la versión 9.5.1 en Windows y Linux permite la ejecución remota de código mediante el mecanismo de actualización aprovechando el uso de HTTP para descargar paquetes de instalación.
Antidote versions 9.5.1 and below suffer from an update related code execution vulnerability.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-07-04 CVE Reserved
- 2018-09-21 CVE Published
- 2024-08-03 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-319: Cleartext Transmission of Sensitive Information
CAPEC
References (3)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Druide Search vendor "Druide" | Antidote 9 Search vendor "Druide" for product "Antidote 9" | <= 5.1 Search vendor "Druide" for product "Antidote 9" and version " <= 5.1" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Safe
|
Druide Search vendor "Druide" | Antidote 9 Search vendor "Druide" for product "Antidote 9" | <= 5.1 Search vendor "Druide" for product "Antidote 9" and version " <= 5.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|