Connectivity Engine (CCE) 4

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2018-20053	Cerner Connectivity Engine (CCE) 4		0.01	—	0.07		Apr 25, 2019	An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network.
CVE-2018-20052	Cerner Connectivity Engine (CCE) 4		0.00	—	0.00		Apr 25, 2019	An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script"…

CVE-2018-20053Apr 25, 2019
Cerner
Connectivity Engine (CCE) 4
risk 0.01cvss —epss 0.07
An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network.
CVE-2018-20052Apr 25, 2019
Cerner
Connectivity Engine (CCE) 4
risk 0.00cvss —epss 0.00
An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script"…