Arbitrary Process Killing Vulnerability in supportutils (CVE-2018-19638)

Arbitrary Process Killing Vulnerability in supportutils (CVE-2018-19638)

CVE-2018-19640 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 (e.g. with CVE-2018-19638) he can kill arbitrary processes on the local machine.

Learn more about our Web Application Penetration Testing UK.