PT-2013-4435 · Groundwork · Groundwork Monitor Enterprise
Johannes Greil
·
Published
2013-05-08
·
Updated
2013-05-08
·
CVE-2013-3500
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
GroundWork Monitor Enterprise version 6.7.0
Description
The issue concerns the Foundation webapp admin interface in GroundWork Monitor Enterprise, where it uses the nagios account as the owner of writable files under /usr/local/groundwork. This setup allows attackers to bypass intended filesystem restrictions by leveraging access to a GroundWork script.
Recommendations
For GroundWork Monitor Enterprise version 6.7.0, consider changing the ownership of writable files under /usr/local/groundwork to a more restrictive account to prevent unauthorized access. Additionally, restrict access to GroundWork scripts to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Groundwork Monitor Enterprise