3 matches found
CVE-2020-5798
CVE-2020-5798 affects the inSync Client installer for macOS, version v6.8.0 and earlier. The root cause is improper integrity checks and directory permissions that could allow a lower-privileged user to gain root privileges. Documents consistently cite this impact and the affected component (macO...
CVE-2019-4000
CVE-2019-4000 affects Druva inSync Mac OS Client 6.5.0. The root cause is improper neutralization of directives in dynamically evaluated code, allowing a local, authenticated attacker to execute arbitrary Python expressions with root privileges. The vulnerability is described as a locally exploit...
CVE-2019-4001
CVE-2019-4001 affects Druva inSync Client 6.5.0. The issue is an improper input validation vulnerability that allows a local, authenticated attacker to execute arbitrary NodeJS code. Root cause and detailed exploit steps are not provided in the connected documents. The CVSS metrics indicate a loc...