Privilege escalation

2020-12-2222:15:00

PRIOn knowledge base

www.prio-n.com

0.0004 Low

EPSS

Percentile

12.6%

JSON

In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as.

CPENameOperatorVersion
symphony_\\+_historianeq3.0
symphony_\\+_historianeq3.1
symphony_\\+_operationseq1.1
symphony_\\+_operationseq2.0
symphony_\\+_operationseq2.1 sp1
symphony_\\+_operationseq2.1 sp2
symphony_\\+_operationseq3.0
symphony_\\+_operationseq3.1
symphony_\\+_operationseq3.2
symphony_\\+_operationseq3.3

Name	Operator	Version
symphony_\\+_historian	eq	3.0
symphony_\\+_historian	eq	3.1
symphony_\\+_operations	eq	1.1
symphony_\\+_operations	eq	2.0
symphony_\\+_operations	eq	2.1 sp1
symphony_\\+_operations	eq	2.1 sp2
symphony_\\+_operations	eq	3.0
symphony_\\+_operations	eq	3.1
symphony_\\+_operations	eq	3.2
symphony_\\+_operations	eq	3.3