Vulnerabilities > CVE-2019-6026 - Unspecified vulnerability in Motex products

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

motex

NVD

Published: 2019-12-26

Updated: 2020-08-24

Summary

Privilege escalation vulnerability in Multiple MOTEX products (LanScope Cat client program (MR) and LanScope Cat client program (MR)LanScope Cat detection agent (DA) prior to Ver.9.2.1.0, LanScope Cat server monitoring agent (SA, SAE) prior to Ver.9.2.2.0, LanScope An prior to Ver 2.7.7.0 (LanScope An 2 series), and LanScope An prior to Ver 3.0.8.1 (LanScope An 3 series)) allow authenticated attackers to obtain unauthorized privileges and execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
Application	Motex Motex Lanscope AN * Motex Lanscope CAT Client Program * Motex Lanscope CAT Detection Agent * Motex Lanscope CAT Server Monitoring Agent *	5

References

http://jvn.jp/en/jp/JVN49068796/index.html
https://www.motex.co.jp/news/news_topics/2019/release191202/