CVE-2017-9644

CVE-2017-9644

Vendor N/A
Product Automated Logic Corporation WebCTRL, i-VU, SiteScan
Weakness CWE-428
Published August 25, 2017
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An unquoted search path vulnerability may allow a non-privileged local attacker to change files in the installation directory and execute arbitrary code with elevated privileges.

Key dates

02Disclosure timeline

August 25, 2017 CVE published
August 5, 2024 Record updated