HIGH🇬🇧 English

CVE-2022-43997

CVSS 7.8v3.1pub. 2023-01-26upd. 2025-04-01

Incorrect access control in Aternity agent in Riverbed Aternity before 12.1.4.27 allows for local privilege escalation. There is an insufficiently protected handle to the A180AG.exe SYSTEM process with PROCESS_ALL_ACCESS rights.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Aternity

    APP
    Aternity
    < 12.1.4.27
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
LPE
CWE
Referencje

Powiązane podatności

CVE-2016-5062CRITICAL9.8ten sam produkt

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java M...

CVE-2016-5061MEDIUM6.1ten sam produkt

Multiple cross-site scripting (XSS) vulnerabilities in the web server in Aternity before 9.0.1 allow remote at...

CVE-2022-43997 — HIGH 7.8 | CVEbaza.pl