Описание
Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csia_config.xml, which allows local users to change CSI Agent configuration by modifying this file.
Ссылки
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия от 6.0.0 (включая) до 6.0.0.15017 (включая)Версия от 6.0.1 (включая) до 6.0.1.1007 (включая)Версия от 7.0.0 (включая) до 7.0.0.21 (включая)
Одновременно
Одно из
cpe:2.3:a:secunia:csi_agent:*:*:*:*:*:*:*:*
cpe:2.3:a:secunia:csi_agent:*:*:*:*:*:*:*:*
cpe:2.3:a:secunia:csi_agent:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00065
Низкий
3.6 Low
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csia_config.xml, which allows local users to change CSI Agent configuration by modifying this file.
EPSS
Процентиль: 20%
0.00065
Низкий
3.6 Low
CVSS2
Дефекты
CWE-264