Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to work with that layer.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/141099 | VDB Entry |
https://packetstormsecurity.com/files/146982 | Exploit Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/44375/ | Exploit Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2018-04-04 19:29
Updated : 2024-02-04 19:46
NVD link : CVE-2018-9115
Mitre link : CVE-2018-9115
CVE.ORG link : CVE-2018-9115
JSON object : View
Products Affected
systematicinc
- sitaware
CWE
CWE-20
Improper Input Validation