PT-2018-5161 · Ubiquiti Networks · Edgeos

Publicado

2018-03-22

Atualizado

2019-10-09

CVE-2017-0934

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Ubiquiti Networks EdgeOS versions 1.9.1 and prior

Description The issue is due to improper privilege management, resulting from a lack of protection of the file system. This allows sensitive information to be exposed. An attacker with access to an operator (read-only) account could potentially escalate privileges to admin (root) access in the system.

Recommendations For Ubiquiti Networks EdgeOS versions 1.9.1 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-269

Identificadores relacionados

CVE-2017-0934

Produtos afetados

Edgeos

PT-2018-5161 · Ubiquiti Networks · Edgeos

CVE-2017-0934

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4