Lucene search

K
cve[email protected]CVE-2011-1056
HistoryFeb 21, 2011 - 9:00 p.m.

CVE-2011-1056

2011-02-2121:00:00
CWE-264
web.nvd.nist.gov
24
metasploit
framework
windows
installer
local
privilege escalation
cve-2011-1056

6.7 Medium

AI Score

Confidence

Low

6.2 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replacing critical files with a Trojan horse.

Affected configurations

NVD
Node
metasploitmetasploit_frameworkMatch3.5.1
AND
microsoftwindows

6.7 Medium

AI Score

Confidence

Low

6.2 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

Related for CVE-2011-1056