Improper access control

2020-12-0713:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.2%

JSON

inSync Client installer for macOS versions v6.8.0 and prior could allow an attacker to gain privileges of a root user from a lower privileged user due to improper integrity checks and directory permissions.

CPENameOperatorVersion
insynceq6.8.0

CPE	Name	Operator	Version
	insync	eq	6.8.0

References

www.tenable.com/security/research/tra-2020-67

www.tenable.com/security/research/tra-2020-67%2Chttps://docs.druva.com/001_inSync_Cloud/Cloud/010_Release_Details/010_inSync_Cloud_Updates