CVE-2024-28139
Privilege escalation through sudo misconfiguration
The www-data user can elevate its privileges because sudo is configured to allow the execution of the mount command as root without a password. Therefore, the privileges can be escalated to the root user. The risk has been accepted by the vendor and won't be fixed in the near future.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Image Access GmbH · Scan2NetQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →