PT-2019-15755 · Titanhq · Webtitan
Publicado
2019-12-02
·
Atualizado
2019-12-06
·
CVE-2019-19014
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TitanHQ WebTitan versions prior to 5.18
Description
An issue was discovered that allows low-privilege users to execute a number of commands as root, including
mv, chown, and chmod, which can be exploited to gain root privileges by an attacker with access.Recommendations
For versions prior to 5.18, update to version 5.18 or later to resolve the issue. As a temporary workaround, consider restricting access to the sudoers file to minimize the risk of exploitation.
Exploit
Correção
Improper Privilege Management
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Webtitan