Douglasday

Name of the Vulnerable Software and Affected Versions: APM Java agent (affected versions not specified) Description: A local privilege escalation issue was found, allowing a user to attach a malicious file to an application running with the APM Java agent. This could enable a malicious user to run commands at a higher level of permissions. The issue affects setups via the attacher cli, the attach API, and configurations with the `profiling inferred spans enabled` option. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.