Описание
A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their choosing earlier in the search path utilized by Cisco Directory Connector to locate and load required resources.
Ссылки
- Broken LinkThird Party AdvisoryVDB Entry
- Vendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
EPSS
5.1 Medium
CVSS3
5.1 Medium
CVSS3
3.6 Low
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their choosing earlier in the search path utilized by Cisco Directory Connector to locate and load required resources.
Уязвимость приложения для синхронизации идентификаторов в облаке Cisco Directory Connector, связанная с ошибками механизма проверки пути поиска, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
5.1 Medium
CVSS3
5.1 Medium
CVSS3
3.6 Low
CVSS2