Описание
The command line interface in Overland Storage Snap Server 410 with GuardianOS 5.1.041 runs the "less" utility with a higher-privileged uid than the CLI user and without sufficient restriction on shell escapes, which allows local users to gain privileges using the "!" character within less to access a privileged shell.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:h:overlandstorage:snap_server_410:*:*:*:*:*:*:*:*
cpe:2.3:o:overlandstorage:guardianos:5.1.041:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00315
Низкий
7.2 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The command line interface in Overland Storage Snap Server 410 with GuardianOS 5.1.041 runs the "less" utility with a higher-privileged uid than the CLI user and without sufficient restriction on shell escapes, which allows local users to gain privileges using the "!" character within less to access a privileged shell.
EPSS
Процентиль: 54%
0.00315
Низкий
7.2 High
CVSS2
Дефекты
CWE-264