CRITICAL🇵🇱 Wersja polska

CVE-2018-20033

CVSS 9.8v3.1pub. 2019-02-25upd. 2024-11-21

A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier could allow a remote attacker to corrupt the memory by allocating / deallocating memory, loading lmgrd or the vendor daemon and causing the heartbeat between lmgrd and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Flexera Flexnet Publisher

    APP
    Flexera
    ≤ 11.16.1.0
  • Oracle Communications Lsms

    APP
    Oracle
    13.1 – 13.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2021-21783CRITICAL9.8ten sam produkt

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A sp...

CVE-2019-8963HIGH7.5ten sam produkt

A Denial of Service (DoS) vulnerability was discovered in FlexNet Publisher's lmadmin 11.16.5, when doing a cr...

CVE-2020-12080HIGH7.5ten sam produkt

A Denial of Service vulnerability has been identified in FlexNet Publisher's lmadmin.exe version 11.16.6. A ce...

CVE-2020-12081HIGH7.5ten sam produkt

An information disclosure vulnerability has been identified in FlexNet Publisher lmadmin.exe 11.14.0.2. The we...

CVE-2020-10543HIGH8.2ten sam produkt

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression q...