Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:mycroft:mycroft-core:0.7.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-1000621 |
Mycroft AI mycroft-core version 18.2.8b and earlier contains a Incorrect Access Control vulnerability in Websocket configuration that can result in code execution. This impacts ONLY the Mycroft for Linux and "non-enclosure" installs - Mark 1 and Picroft unaffected. This attack appear to be exploitable remote access to the unsecured websocket server. This vulnerability appears to have been fixed in No fix currently available. Published: July 09, 2018; 4:29:00 PM -0400 |
V3.0: 8.1 HIGH V2.0: 6.8 MEDIUM |