EPSS
Percentile
66.4%
github.com/opensearch-project/opensearch-cli is vulnerable to privilege escalation. The vulnerability exists due to the weak file path permission in the configuration file, allowing an attacker to read or write any file on the file path.
github.com/opensearch-project/opensearch-cli/blob/275085730f791daccaac81c566a25f541656d9f9/commands/root.go#L43
github.com/opensearch-project/opensearch-cli/commit/69dc712d0d0d05dc2bc2bd0d733c73e3641b633a
github.com/opensearch-project/opensearch-cli/pull/29