CVE-2018-9115 Information

Description

Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g. information utilizing the NVG interface. An attacker can freeze the Situational Layer which means that the Situational Picture is no longer updated. Unfortunately the user cannot notice until he tries to work with that layer.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/141099 https://packetstormsecurity.com/files/146982 https://www.exploit-db.com/exploits/44375/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

LOW

Base Severity

5.3