Privilege Escalation

2020-05-1023:27:53

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

JSON

freeradius is vulnerable to privilege escalation. A local attacker who has control of the radiusd user is able to gain root access by tricking logrotate into writing a radiusd-writable file to a directory, which would normally be inaccessible to the radiusd user.

CPENameOperatorVersion
freeradius:3.7eq3.0.15-r5
freeradiuseq3.0.13__8.el7_4
freeradiuseq3.0.13__9.el7_5
freeradiuseq3.0.13__10.el7_6
freeradiuseq3.0.13__9.el7_4
freeradius:3.7eq3.0.15-r5
freeradiuseq3.0.13__8.el7_4
freeradiuseq3.0.13__9.el7_5
freeradiuseq3.0.13__10.el7_6
freeradiuseq3.0.13__9.el7_4

Name	Operator	Version
freeradius:3.7	eq	3.0.15-r5
freeradius	eq	3.0.13__8.el7_4
freeradius	eq	3.0.13__9.el7_5
freeradius	eq	3.0.13__10.el7_6
freeradius	eq	3.0.13__9.el7_4
freeradius:3.7	eq	3.0.15-r5
freeradius	eq	3.0.13__8.el7_4
freeradius	eq	3.0.13__9.el7_5
freeradius	eq	3.0.13__10.el7_6
freeradius	eq	3.0.13__9.el7_4