HIGH🇬🇧 English

CVE-2019-8455

CVSS 7.1v3.1pub. 2019-04-17upd. 2024-11-21

A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  • Checkpoint Zonealarm

    APP
    Checkpoint
    ≤ 15.4.062
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-41604HIGH8.8ten sam produkt

Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This o...

CVE-2022-23743HIGH7.8ten sam produkt

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upg...

CVE-2020-6023HIGH7.8ten sam produkt

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restorin...

CVE-2019-8452HIGH7.8ten sam produkt

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Secu...

CVE-2018-8790HIGH7.8ten sam produkt

Check Point ZoneAlarm version 15.3.064.17729 and below expose a WCF service that can allow a local low privile...