Описание
Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users.
Ссылки
- ExploitMailing ListPatchThird Party AdvisoryVendor Advisory
- Not ApplicablePatchVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- ExploitMailing ListPatchThird Party AdvisoryVendor Advisory
- Not ApplicablePatchVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:raritan:dominion_sx4_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:raritan:dominion_sx4:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:raritan:dominion_sx8_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:raritan:dominion_sx8:-:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
cpe:2.3:o:raritan:dominion_sx16_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:raritan:dominion_sx16:-:*:*:*:*:*:*:*
Конфигурация 4
Одновременно
cpe:2.3:o:raritan:dominion_sx32_firmware:2.4.6:*:*:*:*:*:*:*
cpe:2.3:h:raritan:dominion_sx32:-:*:*:*:*:*:*:*
Конфигурация 5
Одновременно
cpe:2.3:o:raritan:dominion_sxa-48_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:raritan:dominion_sxa-48:-:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00153
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-863
Связанные уязвимости
github
почти 4 года назад
Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users.
EPSS
Процентиль: 36%
0.00153
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-863