Описание
The www-data user can elevate its privileges because sudo is configured to allow the execution of the mount command as root without a password. Therefore, the privileges can be escalated to the root user. The risk has been accepted by the vendor and won't be fixed in the near future.
EPSS
Процентиль: 49%
0.00257
Низкий
8.8 High
CVSS3
Дефекты
CWE-250
Связанные уязвимости
CVSS3: 8.8
github
около 1 года назад
The www-data user can elevate its privileges because sudo is configured to allow the execution of the mount command as root without a password. Therefore, the privileges can be escalated to the root user. The risk has been accepted by the vendor and won't be fixed in the near future.
EPSS
Процентиль: 49%
0.00257
Низкий
8.8 High
CVSS3
Дефекты
CWE-250