CVE-2018-9091
Summary
| CVE | CVE-2018-9091 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-05-25 19:29:00 UTC |
| Updated | 2019-10-03 00:03:00 UTC |
| Description | A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, etc., thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other information may be possible. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Kemptechnologies | Loadmaster Operating System | All | All | All | All |
| Operating System | Kemptechnologies | Loadmaster Operating System | All | All | All | All |
| Operating System | Kemptechnologies | Loadmaster Operating System | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Kemp Support | CONFIRM | support.kemptechnologies.com | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.