AppGuard Enterprise before 6.7.100.1 creates a Temporary File in a Directory with Insecure Permissions. Local users can gain SYSTEM privileges because a repair operation relies on the %TEMP% directory of an unprivileged user.
References
Link | Resource |
---|---|
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0022/MNDT-2022-0022.md | Third Party Advisory |
https://www.beyondtrust.com/blog | Not Applicable |
Configurations
History
20 Apr 2022, 13:51
Type | Values Removed | Values Added |
---|---|---|
First Time |
Blueplanet-works
Blueplanet-works appguard |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-668 | |
CPE | cpe:2.3:a:blueplanet-works:appguard:*:*:*:*:enterprise:windows:*:* | |
References | (MISC) https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0022/MNDT-2022-0022.md - Third Party Advisory | |
References | (MISC) https://www.beyondtrust.com/blog - Not Applicable |
15 Apr 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
Summary | AppGuard Enterprise before 6.7.100.1 creates a Temporary File in a Directory with Insecure Permissions. Local users can gain SYSTEM privileges because a repair operation relies on the %TEMP% directory of an unprivileged user. |
12 Apr 2022, 16:25
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-12 16:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-42255
Mitre link : CVE-2021-42255
CVE.ORG link : CVE-2021-42255
JSON object : View
Products Affected
blueplanet-works
- appguard
CWE
CWE-668
Exposure of Resource to Wrong Sphere