Lucene search

SnowCVELIST:CVE-2021-41562

HistoryNov 03, 2021 - 12:00 a.m.

CVE-2021-41562 Deletion of arbitrary files vulnerability in Snow Agent for Windows

2021-11-0300:00:00

CWE-64

Snow

www.cve.org

6.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON

A vulnerability in Snow Snow Agent for Windows allows a non-admin user to cause arbitrary deletion of files. This issue affects: Snow Snow Agent for Windows version 5.0.0 to 6.7.1 on Windows.

CNA Affected

[
  {
    "platforms": [
      "Windows"
    ],
    "product": "Snow Agent for Windows",
    "vendor": "Snow",
    "versions": [
      {
        "lessThanOrEqual": "6.7.1",
        "status": "affected",
        "version": "6.0.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "5.4.1",
        "status": "affected",
        "version": "5.0.0",
        "versionType": "custom"
      }
    ]
  }
]

References

community.snowsoftware.com/s/group/0F91r000000QUhPCAW/news-updates

6.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVELIST:CVE-2021-41562