Rhino Security Labs

Unitrends Enterprise Backup Privilege Escalation in users.php File
[CVE-2017-7284]

Vulnerability Details

CVSS Rating: 8.8 (high)

CVE-2017-7284

Disclosing Company: Rhino Security Labs

Date: 04/12/2017

Status: Published

Affected software/version:
Unitrends Enterprise Backup < 9.1.2

Disclosure

CVSS Metrics

CVSS Rating (version 3.0)

8.8 (High)

Impact Score

Exploitability Score

5.9

2.8

Attack Vector

Network

Attack Complexity (AC)Low Privileges Required (PR)Low User Interaction (UI)None Scope (S)Unchanged

Confidentiality (C)High Integrity (I)High Availability (A)High