15 matches found
CVE-2019-11660
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...
EUVD-2021-9659
Malicious code in bioql PyPI...
Privilege escalation
A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended...
CVE-2021-22517
A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended...
Micro Focus (HPE) Data Protector - SUID Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus HPE Data Protector SUID Privilege Escalation', 'Description' = %q This module exploits the trusted $PATH environment variable of the...
Micro Focus (HPE) Data Protector SUID Privilege Escalation
This module exploits the trusted $PATH environment variable of the SUID binary omniresolve in Micro Focus HPE Data Protector A.10.40 and prior. The omniresolve executable calls the oracleasm binary using a relative path and the trusted environment $PATH, which allows an attacker to execute a cust...
CVE-2019-11660
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...
CVE-2019-11660
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...
Code injection
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...
CVE-2019-11660
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...
CVE-2019-11660
CVE-2019-11660 affects Micro Focus Data Protector (versions 10.00–10.40). A low-privilege user can abuse the SUID binary omniresolve, which calls oracleasm via a relative path using a trusted PATH, to execute a custom binary with root privileges. Impact is local privilege escalation (affecting co...
CVE-2019-11660
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges. Recent assessments: pbarry-r7 at November 20, 2019 3:15p...
Design/Logic Flaw
Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution...
CVE-2019-3476
Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution...
CVE-2019-3476
CVE-2019-3476 involves Micro Focus Data Protector, affected version 10.03, with remote arbitrary code execution. According to the provided documents, the vulnerability allows network-triggered code execution with low attack complexity and no authentication (CVSS: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A...