ID |
CVE-2021-27579
|
Sažetak |
Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and versions that may be deployed and in use across an IT environment. A privilege-escalation vulnerability exists if CPUID is enabled, and thus it should be disabled via configuration settings. |
Reference |
|
CVSS |
Base: | 4.4 |
Impact: | 6.4 |
Exploitability: | 3.4 |
|
Pristup |
Vektor | Složenost | Autentikacija |
LOCAL |
MEDIUM |
NONE |
|
Impact |
Povjerljivost | Cjelovitost | Dostupnost |
PARTIAL |
PARTIAL |
PARTIAL |
|
CVSS vektor |
AV:L/AC:M/Au:N/C:P/I:P/A:P |
Zadnje važnije ažuriranje |
12-07-2022 - 17:42 |
Objavljeno |
23-02-2021 - 18:15 |