Описание
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 23q4 (исключая)
cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00083
Низкий
7.8 High
CVSS3
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 7.8
github
около 2 лет назад
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access.
EPSS
Процентиль: 24%
0.00083
Низкий
7.8 High
CVSS3
Дефекты
CWE-732