PT-2018-9995 · Sel · Sel Compass

Published

2018-07-24

Updated

2020-08-31

CVE-2018-10604

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SEL Compass versions 3.0.5.1 and prior

Description: The issue allows all users full access to the SEL Compass directory, which may enable modification or overwriting of files within the Compass installation folder. This could result in escalation of privilege and/or malicious code execution.

Recommendations: For SEL Compass versions 3.0.5.1 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2018-10604

Affected Products

Sel Compass

PT-2018-9995 · Sel · Sel Compass

CVE-2018-10604

Weakness Enumeration

Related Identifiers

Affected Products

References · 3