CVE-2020-7382

Summary

Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40.

Affected Software

VendorProductVersion RangeStatus
Rapid7Nexposeunspecified < 6.6.40affected

Weaknesses

  • CWE-428: CWE-428 Unquoted Search Path or Element

ADP Enrichment

CVE Program Container

Additional References

References