Описание
SmartLine DeviceLock before 5.73 Build 305 does not properly enforce access control lists (ACL) in raw mode, which allows local users to bypass NTFS controls and obtain sensitive information.
Ссылки
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:smartline:devicelock:5.72:*:*:*:*:*:*:*
cpe:2.3:a:smartline:devicelock:5.73_build_288:*:*:*:*:*:*:*
cpe:2.3:a:smartline:devicelock:5.73_build_300:*:*:*:*:*:*:*
cpe:2.3:a:smartline:devicelock:5.73_build_303:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00043
Низкий
4.9 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
SmartLine DeviceLock before 5.73 Build 305 does not properly enforce access control lists (ACL) in raw mode, which allows local users to bypass NTFS controls and obtain sensitive information.
EPSS
Процентиль: 13%
0.00043
Низкий
4.9 Medium
CVSS2
Дефекты
NVD-CWE-Other