Vulnerability Details CVE-2019-12997
In Loopchain through 2.2.1.3, an attacker can escalate privileges from a low-privilege shell by changing the environment (aka injection in the DEFAULT_SCORE_HOST environment variable).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2019-12997
-
cpe:2.3:a:icon:loopchain:1.20.0
-
cpe:2.3:a:icon:loopchain:1.22.0
-
cpe:2.3:a:icon:loopchain:1.22.2
-
cpe:2.3:a:icon:loopchain:1.22.3
-
cpe:2.3:a:icon:loopchain:1.23.0
-
cpe:2.3:a:icon:loopchain:1.23.1
-
cpe:2.3:a:icon:loopchain:1.23.2
-
cpe:2.3:a:icon:loopchain:1.23.3
-
cpe:2.3:a:icon:loopchain:1.23.4
-
cpe:2.3:a:icon:loopchain:1.23.5
-
cpe:2.3:a:icon:loopchain:1.24.0
-
cpe:2.3:a:icon:loopchain:1.24.1
-
cpe:2.3:a:icon:loopchain:1.24.2
-
cpe:2.3:a:icon:loopchain:2.0.0
-
cpe:2.3:a:icon:loopchain:2.0.1
-
cpe:2.3:a:icon:loopchain:2.0.10
-
cpe:2.3:a:icon:loopchain:2.0.11
-
cpe:2.3:a:icon:loopchain:2.0.2
-
cpe:2.3:a:icon:loopchain:2.0.3
-
cpe:2.3:a:icon:loopchain:2.0.4
-
cpe:2.3:a:icon:loopchain:2.0.5
-
cpe:2.3:a:icon:loopchain:2.0.6
-
cpe:2.3:a:icon:loopchain:2.0.7
-
cpe:2.3:a:icon:loopchain:2.0.8
-
cpe:2.3:a:icon:loopchain:2.0.9
-
cpe:2.3:a:icon:loopchain:2.1.0.0
-
cpe:2.3:a:icon:loopchain:2.1.1
-
cpe:2.3:a:icon:loopchain:2.1.2
-
cpe:2.3:a:icon:loopchain:2.1.3
-
cpe:2.3:a:icon:loopchain:2.1.4
-
cpe:2.3:a:icon:loopchain:2.1.5
-
cpe:2.3:a:icon:loopchain:2.1.6
-
cpe:2.3:a:icon:loopchain:2.1.7
-
cpe:2.3:a:icon:loopchain:2.1.8
-
cpe:2.3:a:icon:loopchain:2.2.0
-
cpe:2.3:a:icon:loopchain:2.2.1
-
cpe:2.3:a:icon:loopchain:2.2.1.1
-
cpe:2.3:a:icon:loopchain:2.2.1.2
-
cpe:2.3:a:icon:loopchain:2.2.1.3