Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:41104
HistoryJul 03, 2023 - 3:27 a.m.

Privilege Escalation

2023-07-0303:27:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
.net
privilege escalation
filesystem
tar file
security vulnerability

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H

EPSS

0.001

Percentile

38.4%

.NET is vulnerable to Privilege Escalation. A malicious attacker with access to the targeted worker role could exploit this vulnerability by gaining an understanding of the filesystem layout and overwriting files through the use of a malicious tar file

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H

EPSS

0.001

Percentile

38.4%