CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/176790/CloudLinux-CageFS-7.1.1-1-Token-Disclosure.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2024/Jan/24 | Exploit Mailing List Third Party Advisory |
https://blog.cloudlinux.com/cagefs-lve-wrappers-and-bsock-have-been-rolled-out-to-100 | Release Notes |
https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-01_CloudLinux_CageFS_Token_Disclosure |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2024-01-22T13:53:35.745Z
Updated: 2024-03-28T18:25:31.741Z
Reserved: 2024-01-22T13:33:26.500Z
Link: CVE-2020-36771
JSON object: View
NVD Information
Status : Modified
Published: 2024-01-22T14:15:07.530
Modified: 2024-03-28T19:15:46.773
Link: CVE-2020-36771
JSON object: View
Redhat Information
No data.