Command Injection Vulnerability in Cerner Connectivity Engine (CCE) 4 Devices

Command Injection Vulnerability in Cerner Connectivity Engine (CCE) 4 Devices

CVE-2018-20053 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network.

Learn more about our Cis Benchmark Audit For Server Software.