exploitDog

GHSA-3w87-5jwj-39vh

Опубликовано: 30 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product.

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product.

Ссылки

EPSS

Процентиль: 12%

0.0004

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2022-29934

CVSS3: 7.8

nvd

почти 4 года назад

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product.

EPSS

Процентиль: 12%

0.0004

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-287