Vulnerability Details CVE-2021-38289
An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- https://github.com/viperbluff/Novastar-VNNOX-iCare-Privilege-Escalation
- https://twitter.com/viperbluff/status/1439941380244230150?s=20&t=iPSn8eNxaxUKis5OKSQJRQ
- https://github.com/viperbluff/Novastar-VNNOX-iCare-Privilege-Escalation
- https://twitter.com/viperbluff/status/1439941380244230150?s=20&t=iPSn8eNxaxUKis5OKSQJRQ