Cloud Agent@* Security Vulnerabilities and Issues — Cloud Agent@* CVE List

Lucene search

QualysCloud Agent*

4 matches found

CVE•added 2023/04/18 4:15 p.m.•58 views

CVE-2023-28142

A Race Condition exists in the Qualys Cloud Agent for Windowsplatform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers toescalate privileges limited on the local machine during uninstallation of theQualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges onthat ...

7CVSS6.7AI score0.00061EPSS

CVE•added 2023/04/18 4:15 p.m.•45 views

CVE-2023-28141

An NTFS Junction condition exists in the Qualys Cloud Agentfor Windows platform in versions before 4.8.0.31. Attackers may write files toarbitrary locations via a local attack vector. This allows attackers to assumethe privileges of the process, and they may delete or otherwise on unauthorizedfiles...

6.7CVSS6.3AI score0.00043EPSS

CVE•added 2023/04/18 4:15 p.m.•40 views

CVE-2023-28143

Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7)installer allows a local escalation of privilege bounded only to the time ofinstallation and only on older macOSX (macOS 10.15 and older) versions.Attackers may exploit incorrect file permissions to give them ROOT commandexecution privilege...

7CVSS6.8AI score0.00034EPSS

CVE•added 2023/04/18 4:15 p.m.•34 views

CVE-2023-28140

An Executable Hijacking condition exists in theQualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackersmay load a malicious copy of a Dependency Link Library (DLL) via a localattack vector instead of the DLL that the application was expecting, whenprocesses are running with esc...

7CVSS6.5AI score0.00148EPSS