PT-2022-12018 · Cfengine+1 · Cfengine Enterprise+1

Published

2022-03-07

·

Updated

2024-06-27

·

CVE-2021-44215

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions CFEngine Enterprise version 3.15.4
Description The issue is related to Insecure Permissions, which may allow unauthorized local users to have an unspecified impact.
Recommendations For version 3.15.4, update to version 3.15.5 to resolve the issue.

Exploit

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2021-44215
ROSA-SA-2024-2436
SUSE-SU-2023:2126-1
SUSE-SU-2023_2126-1

Affected Products

Cfengine Enterprise
Suse