exploitDog

GHSA-9gph-8xxh-c4w6

Опубликовано: 06 июл. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.3

Описание

A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then LDAP”.

A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then LDAP”.

Ссылки

EPSS

Процентиль: 35%

0.00144

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-276

Связанные уязвимости

CVE-2023-29057

CVSS3: 7.3

nvd

почти 3 года назад

A valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to a privilege escalation. To be vulnerable, LDAP must be configured for authentication/authorization and logins configured as “Local First, then LDAP”.

EPSS

Процентиль: 35%

0.00144

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-276