PT-2018-9995 · Sel · Sel Compass

Publicado

2018-07-24

Atualizado

2020-08-31

CVE-2018-10604

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SEL Compass versions 3.0.5.1 and prior

Description: The issue allows all users full access to the SEL Compass directory, which may enable modification or overwriting of files within the Compass installation folder. This could result in escalation of privilege and/or malicious code execution.

Recommendations: For SEL Compass versions 3.0.5.1 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-276

Identificadores relacionados

CVE-2018-10604

Produtos afetados

Sel Compass

PT-2018-9995 · Sel · Sel Compass

CVE-2018-10604

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3