CVE-2021-27765

Sažetak

The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed.

Reference

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0098116
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0023/MNDT-2022-0023.md

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

16-05-2022 - 17:27

Objavljeno

06-05-2022 - 18:15