CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-2208

Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.5%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html
https://jvn.jp/en/jp/JVN27198823/index.html
http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html
https://jvn.jp/en/jp/JVN27198823/index.html

Products affected by CVE-2017-2208

Acquisition Technology And Logistics Agency » Installer Of Electronic Tendering » Version: 06112017

cpe:2.3:a:acquisition_technology_and_logistics_agency:installer_of_electronic_tendering:06112017

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-2208

Products

Pricing

Contact Us