Vulnerability Details CVE-2022-43999
An issue was discovered in BACKCLICK Professional 5.9.63. Due to exposed CORBA management services, arbitrary system commands can be executed on the server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.9%
CVSS Severity
CVSS v3 Score 9.8
References
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-034.txt
- https://www.syss.de/pentest-blog/vielfaeltige-schwachstellen-in-backclick-professional-syss-2022-026-bis-037
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-034.txt
- https://www.syss.de/pentest-blog/vielfaeltige-schwachstellen-in-backclick-professional-syss-2022-026-bis-037