Описание
The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses insecure default permissions (all users full control) for the CSD directory and its parent directory, which allow local users to gain privileges by replacing CSD executables, aka "Local Privilege Escalation".
Ссылки
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 3.1.1.33 (включая)
Одно из
cpe:2.3:a:cisco:secure_desktop:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_desktop:3.1.1.27:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00075
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses insecure default permissions (all users full control) for the CSD directory and its parent directory, which allow local users to gain privileges by replacing CSD executables, aka "Local Privilege Escalation".
EPSS
Процентиль: 23%
0.00075
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other