4 matches found
CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt rather than...
CVE-2023-22947
creationtimestamp| type| source ---|---|--- 2023-01-11 07:29:06+00:00| seen| https://t.me/cibsecurity/56329...
CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt rather than...
CVE-2023-22947
CVE-2023-22947 affects Shibboleth Service Provider (SP) on Windows prior to 3.4.1. The issue stems from insecure folder permissions in the Windows installation path (defaulting to C:\opt instead of C:\Program Files), enabling an unprivileged local attacker to escalate to SYSTEM via DLL planting i...