Описание
Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does not check whether the log file can be written to, which allows attackers to prevent events from being recorded by opening the log file using an application such as Microsoft's Event Viewer.
Ссылки
- Broken LinkPatchThird Party AdvisoryVDB Entry
- Broken LinkPatch
- Broken LinkPatch
- Broken LinkPatchThird Party AdvisoryVDB Entry
- Broken LinkPatchThird Party AdvisoryVDB Entry
- Broken LinkPatch
- Broken LinkPatch
- Broken LinkPatchThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:heysoft:eventsave:5.1:*:*:*:*:*:*:*
cpe:2.3:a:heysoft:eventsave:5.2:*:*:*:*:*:*:*
cpe:2.3:a:heysoft:eventsave\+:5.1:*:*:*:*:*:*:*
cpe:2.3:a:heysoft:eventsave\+:5.2:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00119
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-667
Связанные уязвимости
CVSS3: 3.3
github
почти 4 года назад
Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does not check whether the log file can be written to, which allows attackers to prevent events from being recorded by opening the log file using an application such as Microsoft's Event Viewer.
EPSS
Процентиль: 31%
0.00119
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-667