Описание
Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:bindview:netrc:1.0:*:*:*:*:*:*:*
cpe:2.3:a:bindview:netrc:3.06:*:*:*:*:*:*:*
cpe:2.3:a:funk_software:funk_software_proxy:3.0:*:*:*:*:*:*:*
cpe:2.3:a:funk_software:funk_software_proxy:3.06:*:*:*:*:*:*:*
cpe:2.3:a:funk_software:funk_software_proxy:3.09:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01669
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges.
EPSS
Процентиль: 81%
0.01669
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other