Lucene search

K
cve[email protected]CVE-2010-3162
HistoryOct 03, 2022 - 4:20 p.m.

CVE-2010-3162

2022-10-0316:20:57
web.nvd.nist.gov
19
cve
2010
3162
untrusted search path
vulnerability
apsaly
privilege escalation
local users
trojan horse
nvd

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.8%

Untrusted search path vulnerability in Apsaly before 3.74 allows local users to gain privileges via a Trojan horse executable file in the current working directory.

Affected configurations

NVD
Node
masahiko_watanabeapsalyRange3.70
OR
masahiko_watanabeapsalyMatch1.20
OR
masahiko_watanabeapsalyMatch1.40
OR
masahiko_watanabeapsalyMatch2.00
OR
masahiko_watanabeapsalyMatch2.10
OR
masahiko_watanabeapsalyMatch2.20
OR
masahiko_watanabeapsalyMatch2.30
OR
masahiko_watanabeapsalyMatch2.40
OR
masahiko_watanabeapsalyMatch2.50
OR
masahiko_watanabeapsalyMatch2.60
OR
masahiko_watanabeapsalyMatch2.70
OR
masahiko_watanabeapsalyMatch2.72
OR
masahiko_watanabeapsalyMatch3.00
OR
masahiko_watanabeapsalyMatch3.10
OR
masahiko_watanabeapsalyMatch3.40
OR
masahiko_watanabeapsalyMatch3.60

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.8%

Related for CVE-2010-3162