3 matches found
CVE-2021-42855
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA uses the ".debugcommand.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map t...
CVE-2021-42855 Local privilege escalation due to misconfigured write permission on .debug_command.config file
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA uses the ".debugcommand.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map t...
CVE-2021-42855
CVE-2021-42855 affects the SteelCentral AppInternals Dynamic Sampling Agent (DSA). The issue stems from a configuration file named .debug_command.config that stores a JSON string listing IDs and pre-configured commands. This file is read by the API endpoint /api/appInternals/1.0/agent/configurati...