exploitDog

GHSA-634r-5wp4-57x4

Опубликовано: 06 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

There is an unquoted service path in Sherpa Connector Service (SherpaConnectorService.exe) 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file.

There is an unquoted service path in Sherpa Connector Service (SherpaConnectorService.exe) 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file.

Ссылки

EPSS

Процентиль: 44%

0.00216

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-428

Связанные уязвимости

CVE-2022-23909

CVSS3: 7.8

nvd

почти 4 года назад

There is an unquoted service path in Sherpa Connector Service (SherpaConnectorService.exe) 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file.

EPSS

Процентиль: 44%

0.00216

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-428