Vulnerability Details CVE-2018-1000048
NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exploitable via Victim tries to retrieve and process a weather data file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2018-1000048
-
cpe:2.3:a:nasa:rtretrievalframework:1.0