exploitDog

GHSA-j8r2-c848-hx5v

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh.

Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh.

Ссылки

EPSS

Процентиль: 66%

0.00518

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-276

Связанные уязвимости

CVE-2020-28910

CVSS3: 9.8

nvd

больше 4 лет назад

Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh.

EPSS

Процентиль: 66%

0.00518

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-276