Lucene search

K
cve[email protected]CVE-2006-4184
HistoryAug 17, 2006 - 12:04 a.m.

CVE-2006-4184

2006-08-1700:04:00
NVD-CWE-Other
web.nvd.nist.gov
19
smartline
devicelock
access control
acl
ntfs
bypass
cve-2006-4184
vulnerability

6.3 Medium

AI Score

Confidence

Low

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

SmartLine DeviceLock before 5.73 Build 305 does not properly enforce access control lists (ACL) in raw mode, which allows local users to bypass NTFS controls and obtain sensitive information.

6.3 Medium

AI Score

Confidence

Low

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

Related for CVE-2006-4184