Описание
The installation directory of LogStare Collector is configured with incorrect access permissions. A non-administrative user may manipulate files within the installation directory and execute arbitrary code with the administrative privilege.
Ссылки
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.4.2 (исключая)
Одновременно
cpe:2.3:a:secuavail:logstare_collector:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 2%
0.00014
Низкий
5.5 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-276
Связанные уязвимости
CVSS3: 5.5
github
3 месяца назад
The installation directory of LogStare Collector is configured with incorrect access permissions. A non-administrative user may manipulate files within the installation directory and execute arbitrary code with the administrative privilege.
EPSS
Процентиль: 2%
0.00014
Низкий
5.5 Medium
CVSS3
7.8 High
CVSS3
Дефекты
CWE-276