Lucene search

[email protected]CVE-2005-1103

HistoryApr 12, 2005 - 4:00 a.m.

CVE-2005-1103

2005-04-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sygate

security agent

ssa

cve

nvd

vulnerability

security

policy

7.1 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA.

CPENameOperatorVersion
sygate_technologies:security_agentsygate technologies security agenteq4.1
sygate_technologies:security_agentsygate technologies security agenteq3.5_build_2576
sygate_technologies:security_agentsygate technologies security agenteq4.0
sygate_technologies:security_agentsygate technologies security agenteq3.5_build_2577

CPE	Name	Operator	Version
sygate_technologies:security_agent	sygate technologies security agent	eq	4.1
sygate_technologies:security_agent	sygate technologies security agent	eq	3.5_build_2576
sygate_technologies:security_agent	sygate technologies security agent	eq	4.0
sygate_technologies:security_agent	sygate technologies security agent	eq	3.5_build_2577

References

marc.info/?l=bugtraq&m=111335219201828&w=2

7.1 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON