PT-2023-28688 · Dell · Powerprotect Agent For File System
Published
2023-11-22
·
Updated
2023-11-27
·
CVE-2023-43081
CVSS v3.1
4.0
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
PowerProtect Agent for File System versions 19.14 and prior
Description
The issue is related to incorrect default permissions in the ddfscon component, allowing a low-privileged local attacker to potentially overwrite log files.
Recommendations
For versions 19.14 and prior, consider restricting access to the ddfscon component to prevent potential exploitation until a fix is available. As a temporary workaround, monitor log files closely for any unauthorized modifications.
Fix
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Powerprotect Agent For File System