virus logo Intrusion Prevention

Quest.Foglight.Evolve.CommandLineService.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit an Authentication Bypass vulnerability in Quest Foglight Evolve.
This vulnerability is due to the use of hard-coded credentials. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request. A successful attack may result in Remote Code Execution.

affected-products-logoAffected Products

Foglight Evolve 2 versions prior to and including 9.1
Foglight for Databases 3 version prior to and including 5.9.5
Foglight for Storage Management 4 versions prior to and including 4.8
Foglight for Virtualization Enterprise Edition 5 versions prior to and including 8.9.1
Foglight 6 versions prior to and including 5.9.5

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.quest.com/foglight-evolve

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2022-08-04 21.368 Default_action:pass:drop
2022-07-27 21.364
ID 51880
Created Jul 19, 2022
Updated Jul 17, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2020-8868
Exploit Prediction Score 13.13%
Default Action drop
Active
Affected OS Windows, Linux
Affected App Other