LiquidFiles before 3.6.3 allows remote attackers to elevate their privileges from Admin (or User Admin) to Sysadmin.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/164997/LiquidFiles-3.5.13-Privilege-Escalation.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2021/Nov/40 | Exploit Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2021/Nov/52 | Exploit Mailing List Third Party Advisory |
https://forum.liquidfiles.com/forums/news.6/ | Vendor Advisory |
https://man.liquidfiles.com/release_notes/version_3-6-x.html | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-11-11T04:39:55
Updated: 2021-11-23T16:06:13
Reserved: 2021-11-04T00:00:00
Link: CVE-2021-43397
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-11-11T05:15:09.647
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-43397
JSON object: View
Redhat Information
No data.
CWE