Rapid7 Insight Agent is a lightweight software from Rapid7, Inc. The software is capable of collecting data from IT assets.A security vulnerability exists in Rapid7 Insight Agent version 3.1.2.38 and prior versions, which stems from the fact that Rapid7 Insight Agent version 3.1.2.38 and prior versions do not properly double quote when using runas.exe. An attacker could exploit this vulnerability to elevate privileges and gain persistent access to the computer.
CPE | Name | Operator | Version |
---|---|---|---|
Rapid7 Insight Agent <=3. | eq | 1.2.38 |