How severe is CVE-2019-17102?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2019-17102?

This is classified as CWE-413, which is a common weakness in software security.

CVE-2019-17102

HIGH Year: 2019

CVSS v3 Score

8.1

High

CVSS v2 Score

9.3

Critical

Weakness Type

CWE-413

View all →

Vulnerability Description

An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method `/api/update_setup` does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitrary execution of system commands. This issue affects: Bitdefender Bitdefender BOX 2 versions prior to 2.1.47.36.

CVE-2022-49737

HIGH

CVSS:7.7(High)

In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by the input thread without acquiring a loc...

CWE-4132022

CVE-2022-20678

HIGH

CVSS:7.5(High)

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) conditio...

CWE-4132022

CVE-2023-28649

HIGH

CVSS:7.5(High)

The Hub in the Snap One OvrC cloud platform is a device used to centralize and manage nested devices connected to it. A vulnerability exists in which an attacker could impersonate a hub and send devic...

CWE-4132023