PT-2017-14584 · Unknown · Pnp4Nagios
Publicado
2017-11-16
·
Atualizado
2019-10-03
·
CVE-2017-16834
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
PNP4Nagios versions prior to 0.6.27
Description
The issue allows local users to gain privileges by leveraging access to an unprivileged account, as /usr/bin/npcd and npcd.cfg are owned by this account but are used for root code execution.
Recommendations
For versions prior to 0.6.27, update to version 0.6.27 or later to resolve the issue.
Correção
Incorrect Permission
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Pnp4Nagios