Описание
An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.62.2 (включая)Версия до 7.17.7 (исключая)Версия от 8.0.0 (включая) до 8.4.0 (исключая)
Одновременно
Одно из
cpe:2.3:a:elastic:endgame:*:*:*:*:*:*:*:*
cpe:2.3:a:elastic:endpoint_security:*:*:*:*:*:*:*:*
cpe:2.3:a:elastic:endpoint_security:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00059
Низкий
7.8 High
CVSS3
Дефекты
CWE-269
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.8
github
около 3 лет назад
An issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
EPSS
Процентиль: 18%
0.00059
Низкий
7.8 High
CVSS3
Дефекты
CWE-269
NVD-CWE-noinfo