Published: 04/04/2018 Updated: 22/05/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to work with that layer.

Vulnerable Product	Search on Vulmon	Subscribe to Product
systematicinc sitaware 6.4

# Exploit Title: SitAware NVG Denial of Service # Date: 03/31/2018 # Exploit Author: 2u53 # Vendor Homepage: systematiccom/defence/products/c2/sitaware/ # Version: 64 SP2 # Tested on: Windows Server 2012 R2 # CVE: CVE-2018-9115 # Remarks: PoC needs bottlypy: # bottlepyorg/docs/dev/ # rawgithubusercontentcom/bootlepy/b ...

Systematic SitAware suffers from a denial of service vulnerability ...

CWE-20 https://www.exploit-db.com/exploits/44375/https://packetstormsecurity.com/files/146982 https://exchange.xforce.ibmcloud.com/vulnerabilities/141099 https://nvd.nist.gov https://www.exploit-db.com/exploits/44375/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-9115

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect