CVE-2021-42255

Опубликовано: 12 апр. 2022

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

AppGuard Enterprise before 6.7.100.1 creates a Temporary File in a Directory with Insecure Permissions. Local users can gain SYSTEM privileges because a repair operation relies on the %TEMP% directory of an unprivileged user.

Ссылки

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0022/MNDT-2022-0022.md
Third Party Advisory
https://www.beyondtrust.com/blog
Not Applicable
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0022/MNDT-2022-0022.md
Third Party Advisory
https://www.beyondtrust.com/blog
Not Applicable

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:blueplanet-works:appguard:*:*:*:*:enterprise:windows:*:*

Версия до 6.7.100.1 (исключая)

EPSS

Процентиль: 9%

0.00032

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-668

Связанные уязвимости

GHSA-pxfj-vmhh-m9gm