Описание
An issue was discovered in MagniComp SysInfo before 10-H82 if setuid root (the default). This vulnerability allows any local user on a Linux/UNIX system to run SysInfo and obtain a root shell, which can be used to compromise the local system.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10-h76 (включая) до 10-h81 (включая)
Одновременно
cpe:2.3:a:magnicomp:sysinfo:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00039
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
An issue was discovered in MagniComp SysInfo before 10-H82 if setuid root (the default). This vulnerability allows any local user on a Linux/UNIX system to run SysInfo and obtain a root shell, which can be used to compromise the local system.
EPSS
Процентиль: 12%
0.00039
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
NVD-CWE-noinfo