CVE-2021-41021
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command...
Privilege escalation
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command...
CVE-2021-41021
FortiNAC has a privilege escalation vulnerability (CVE-2021-41021) affecting FortiNAC versions 8.8.8 and below and 9.1.2 and below, enabling an admin to escalate to root via sudo. The connected sources identify the affected scope and impact but do not provide exploitation details or explicit reme...
FortiNAC - Privilege Escalation via exploiting the SUDO privileges.
A privilege escalation vulnerability in FortiNAC may allow an admin user to escalate the privileges to root via the sudo command...
CVE-2021-43043
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...
Design/Logic Flaw
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The apache user could read arbitrary files such as /etc/shadow by abusing an insecure Sudo rule...
PT-2021-23732 · Kaseya +1 · Kaseya Unitrends Backup Appliance +1
Name of the Vulnerable Software and Affected Versions: Kaseya Unitrends Backup Appliance versions prior to 10.5.5 Description: An issue was discovered in the software where the apache user could read arbitrary files, such as /etc/shadow, by abusing an insecure Sudo rule. Recommendations: For...
Johnson Controls CEM Systems AC2000
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Controlled Electronic Management Systems, Ltd., a subsidiary of Johnson Controls, Inc. Equipment: CEM Systems AC2000 Vulnerability: Off-by-one Error 2. RISK EVALUATION Successful exploitation of this vulnerability could...
Exploit for Off-by-one Error in Sudo_Project Sudo
Based on the provided context and code, here is a summary of the analysis: Classification: Exploit module/toolkit targeting a vulnerability in a specific product/service framework. Primary vulnerability: CVE-2021-3156, a heap-based buffer overflow in sudo. Target product/service: sudo, a Unix...
VulnCheck KEV: CVE-2016-3643
SolarWinds Virtualization Manager allows for privilege escalation through leveraging a misconfiguration of sudo...
SolarWinds Virtualization Manager Privilege Escalation Vulnerability
SolarWinds Virtualization Manager allows for privilege escalation through leveraging a misconfiguration of sudo...
sudo bug fix and enhancement update
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Bug Fixes and Enhancements: Request to backport...
sudo bug fix and enhancement update
An update is available for sudo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The sudo packages contain the sudo utility which allows system administrators to...
EulerOS 2.0 SP8 : sssd (EulerOS-SA-2021-2646)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. Thi...
CVE-2021-40348
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation...