PT-2021-17470 · Zoll · Zoll Defibrillator Dashboard

Published

2021-06-16

Updated

2022-04-25

CVE-2021-27483

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ZOLL Defibrillator Dashboard versions prior to 2.2

Description The affected products contain insecure filesystem permissions that could allow a lower privilege user to escalate privileges to an administrative level user.

Recommendations For versions prior to 2.2, update to version 2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the filesystem to minimize the risk of exploitation.

Fix

Improper Privilege Management

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269CWE-732

Related Identifiers

CVE-2021-27483

Affected Products

Zoll Defibrillator Dashboard

PT-2021-17470 · Zoll · Zoll Defibrillator Dashboard

CVE-2021-27483

Weakness Enumeration

Related Identifiers

Affected Products

References · 4