CVE-2015-7359

Опубликовано: 03 окт. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

The (1) IsVolumeAccessibleByCurrentUser and (2) MountDevice methods in Ntdriver.c in TrueCrypt 7.0, VeraCrypt before 1.15, and CipherShed, when running on Windows, do not check the impersonation level of impersonation tokens, which allows local users to impersonate a user at SecurityIdentify level and gain access to other users' mounted encrypted volumes.

Ссылки

http://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.html
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2015/09/22/7
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/09/24/3
Issue Tracking
Mailing List
Third Party Advisory
https://code.google.com/p/google-security-research/issues/detail?id=537
Issue Tracking
Third Party Advisory
https://veracrypt.codeplex.com/wikipage?title=Release%20Notes
Release Notes
Vendor Advisory
http://packetstormsecurity.com/files/133877/Truecrypt-7-Privilege-Escalation.html
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2015/09/22/7
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/09/24/3
Issue Tracking
Mailing List
Third Party Advisory
https://code.google.com/p/google-security-research/issues/detail?id=537
Issue Tracking
Third Party Advisory
https://veracrypt.codeplex.com/wikipage?title=Release%20Notes
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ciphershed:ciphershed:*:*:*:*:*:*:*:*

Версия до 0.7.5.0 (включая)

cpe:2.3:a:idrix:veracrypt:*:*:*:*:*:*:*:*

Версия до 1.14 (включая)

cpe:2.3:a:truecrypt:truecrypt:7.0:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.00188

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-jxfm-p7rh-34g6