Vulnerability Details CVE-2017-9650
An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to upload a malicious file allowing the execution of arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
Products affected by CVE-2017-9650
-
cpe:2.3:a:automatedlogic:i-vu:5.2
-
cpe:2.3:a:automatedlogic:i-vu:5.5
-
cpe:2.3:a:automatedlogic:i-vu:6.0
-
cpe:2.3:a:automatedlogic:i-vu:6.5
-
cpe:2.3:a:automatedlogic:sitescan_web:5.2
-
cpe:2.3:a:automatedlogic:sitescan_web:5.5
-
cpe:2.3:a:automatedlogic:sitescan_web:6.1
-
cpe:2.3:a:automatedlogic:sitescan_web:6.5
-
cpe:2.3:a:carrier:automatedlogic_webctrl:5.2
-
cpe:2.3:a:carrier:automatedlogic_webctrl:5.5
-
cpe:2.3:a:carrier:automatedlogic_webctrl:6.0
-
cpe:2.3:a:carrier:automatedlogic_webctrl:6.1
-
cpe:2.3:a:carrier:automatedlogic_webctrl:6.5