Lucene search

K
nvd[email protected]NVD:CVE-2011-1056
HistoryFeb 21, 2011 - 9:00 p.m.

CVE-2011-1056

2011-02-2121:00:00
CWE-264
web.nvd.nist.gov
2

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0

Percentile

5.1%

The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replacing critical files with a Trojan horse.

Affected configurations

Nvd
Node
metasploitmetasploit_frameworkMatch3.5.1
AND
microsoftwindows
VendorProductVersionCPE
metasploitmetasploit_framework3.5.1cpe:2.3:a:metasploit:metasploit_framework:3.5.1:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0

Percentile

5.1%

Related for NVD:CVE-2011-1056