Описание
Cryoserver Security Appliance 7.3.x uses weak permissions for /etc/init.d/cryoserver, which allows local users to gain privileges by leveraging access to the support account and running the /bin/cryo-mgmt program.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cryoserver:cryoserver_security_appliance:7.3.0:*:*:*:*:*:*:*
cpe:2.3:a:cryoserver:cryoserver_security_appliance:7.3.0:a:*:*:*:*:*:*
cpe:2.3:a:cryoserver:cryoserver_security_appliance:7.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cryoserver:cryoserver_security_appliance:7.3.1:a:*:*:*:*:*:*
cpe:2.3:a:cryoserver:cryoserver_security_appliance:7.3.2:*:*:*:*:*:*:*
cpe:2.3:a:cryoserver:cryoserver_security_appliance:7.3.3:*:*:*:*:*:*:*
cpe:2.3:a:cryoserver:cryoserver_security_appliance:7.3.4:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00069
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Cryoserver Security Appliance 7.3.x uses weak permissions for /etc/init.d/cryoserver, which allows local users to gain privileges by leveraging access to the support account and running the /bin/cryo-mgmt program.
EPSS
Процентиль: 21%
0.00069
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-264