Описание
FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and when the agent is bound to 0.0.0.0 (all interfaces), opens sockets in non-exclusive mode, which allows local users to hijack the socket, and capture data or cause a denial of service (loss of daemon operation).
Ссылки
- PatchVendor Advisory
- Patch
- Patch
- Patch
- PatchVendor Advisory
- Patch
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 1.1 (включая)
cpe:2.3:a:mandiant:first_response:*:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.00099
Низкий
2.4 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and when the agent is bound to 0.0.0.0 (all interfaces), opens sockets in non-exclusive mode, which allows local users to hijack the socket, and capture data or cause a denial of service (loss of daemon operation).
EPSS
Процентиль: 28%
0.00099
Низкий
2.4 Low
CVSS2
Дефекты
NVD-CWE-Other