CVE-2021-30462
CVE-2021-30462
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
08 Apr 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →