Action1 代码问题漏洞

Action1 is a patch management software from Action1, Inc. Action1 suffers from a code issue vulnerability that stems from an insecure OpenSSL configuration file loading location that could lead to local elevation of privilege...

Design/Logic Flaw

The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup...

PT-2022-17105 · Itarian · Itarian Endpoint Manage Communication Client

Name of the Vulnerable Software and Affected Versions: ITarian Endpoint Manage Communication Client versions prior to 6.43.41148.21120 Description: The issue is related to the ITarian Endpoint Manage Communication Client being compiled with insecure OpenSSL settings. This allows a malicious actor...

CVE-2022-25153

The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup...