X11 Connection Vulnerability in MobaXterm Server Configuration
CVE-2015-7244

Currently unrated

Key Information:

Vendor

Mobatek

Status
Mobaxterm
Vendor
CVE Published:
4 November 2015

What is CVE-2015-7244?

The MobaXterm application, prior to version 8.3, is susceptible to an Access Control misconfiguration that allows remote attackers to connect without authentication for X11 sessions. This vulnerability permits unauthorized users to execute arbitrary commands or acquire sensitive information through unprotected X11 packets, posing a substantial risk to the integrity and confidentiality of the affected systems.

References

http://blog.mobatek.net/post/mobaxterm-new-release-8.3/
x_refsource_CONFIRM
http://www.securifera.com/advisories/cve-2015-7244
x_refsource_MISC
http://www.kb.cert.org/vuls/id/316888
third-party-advisoryx_refsource_CERT-VN

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2015-7244 : X11 Connection Vulnerability in MobaXterm Server Configuration