Описание
Zend Platform 2.2.3 and earlier has incorrect ownership for scd.sh and certain other files, which allows local users to gain root privileges by modifying the files. NOTE: this only occurs when safe_mode and open_basedir are disabled; other settings require leverage for other vulnerabilities.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:zend:zend_platform:2.2.1a:*:*:*:*:*:*:*
cpe:2.3:a:zend:zend_platform:2.2.1a:a:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00053
Низкий
6.2 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Zend Platform 2.2.3 and earlier has incorrect ownership for scd.sh and certain other files, which allows local users to gain root privileges by modifying the files. NOTE: this only occurs when safe_mode and open_basedir are disabled; other settings require leverage for other vulnerabilities.
EPSS
Процентиль: 17%
0.00053
Низкий
6.2 Medium
CVSS2
Дефекты
NVD-CWE-Other