Описание
An issue was discovered in Listary through 6. When Listary is configured as admin, Listary will not ask for permissions again if a user tries to access files on the system from Listary itself (it will bypass UAC protection; there is no privilege validation of the current user that runs via Listary).
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6 (включая)
cpe:2.3:a:bopsoft:listary:*:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00242
Низкий
7.5 High
CVSS3
7.6 High
CVSS2
Дефекты
CWE-862
Связанные уязвимости
github
около 4 лет назад
An issue was discovered in Listary through 6. When Listary is configured as admin, Listary will not ask for permissions again if a user tries to access files on the system from Listary itself (it will bypass UAC protection; there is no privilege validation of the current user that runs via Listary).
EPSS
Процентиль: 47%
0.00242
Низкий
7.5 High
CVSS3
7.6 High
CVSS2
Дефекты
CWE-862