CWE-59
AllowedImproper Link Resolution Before File Access ('Link Following')
Abstraction: Base · Status: Draft
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
1983 vulnerabilities reference this CWE, most recent first.
CVE-2024-1753 (GCVE-0-2024-1753)
Vulnerability from cvelistv5 – Published: 2024-03-18 14:23 – Updated: 2026-03-04 04:16- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
4.15.0
|
|||
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
8090020240413110917.d7b6f4b7 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
8090020240417184044.e7857ab1 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
8100020240419145834.afee755d , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support |
Unaffected:
8060020240422155330.3b538bd8 , < *
(rpm)
cpe:/a:redhat:rhel_eus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support |
Unaffected:
8060020240419071711.2e213529 , < *
(rpm)
cpe:/a:redhat:rhel_eus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support |
Unaffected:
8080020240422101606.0f77c1b7 , < *
(rpm)
cpe:/a:redhat:rhel_eus:8.8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
1:1.31.5-1.el9_3 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
4:4.9.4-3.el9_4 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.0 Extended Update Support |
Unaffected:
1:1.26.7-1.el9_0 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.0::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.0 Extended Update Support |
Unaffected:
2:4.2.0-3.el9_0 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.0::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support |
Unaffected:
1:1.29.3-1.el9_2 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support |
Unaffected:
2:4.4.1-16.el9_2 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.2::appstream |
|
| Red Hat | Red Hat OpenShift Container Platform 4.12 |
Unaffected:
3:4.4.1-3.2.rhaos4.12.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.12::el8 cpe:/a:redhat:openshift:4.12::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
Unaffected:
3:4.4.1-6.3.rhaos4.13.el9 , < *
(rpm)
cpe:/a:redhat:openshift:4.13::el9 cpe:/a:redhat:openshift:4.13::el8 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
Unaffected:
3:4.4.1-8.3.rhaos4.13.el9 , < *
(rpm)
cpe:/a:redhat:openshift:4.13::el9 cpe:/a:redhat:openshift:4.13::el8 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
Unaffected:
3:4.4.1-13.4.rhaos4.14.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
Unaffected:
3:4.4.1-23.2.rhaos4.15.el8 , < *
(rpm)
cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat OpenShift Container Platform 3.11 |
cpe:/a:redhat:openshift:3.11 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1753",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-02T15:05:28.144862Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:00:10.892Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:48:22.005Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2024:2049",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2049"
},
{
"name": "RHSA-2024:2055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2055"
},
{
"name": "RHSA-2024:2064",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2064"
},
{
"name": "RHSA-2024:2066",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2066"
},
{
"name": "RHSA-2024:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2077"
},
{
"name": "RHSA-2024:2084",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2084"
},
{
"name": "RHSA-2024:2089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2089"
},
{
"name": "RHSA-2024:2090",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2090"
},
{
"name": "RHSA-2024:2097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2097"
},
{
"name": "RHSA-2024:2098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2098"
},
{
"name": "RHSA-2024:2548",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2548"
},
{
"name": "RHSA-2024:2645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2645"
},
{
"name": "RHSA-2024:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2669"
},
{
"name": "RHSA-2024:2672",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2672"
},
{
"name": "RHSA-2024:2784",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2784"
},
{
"name": "RHSA-2024:2877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2877"
},
{
"name": "RHSA-2024:3254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3254"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-1753"
},
{
"name": "RHBZ#2265513",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265513"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCRZVUDOFM5CPREQKBEU2VK2QK62PSBP/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYMVMQ7RWMDTSKQTBO734BE3WQPI2AJ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVBSVZGVABPYIHK5HZM472NPGWMI7WXH/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/openshift/builder/",
"defaultStatus": "unaffected",
"packageName": "buildah",
"versions": [
{
"status": "affected",
"version": "4.15.0"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:4.0",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8090020240413110917.d7b6f4b7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8090020240417184044.e7857ab1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8100020240419145834.afee755d",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8",
"product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8060020240422155330.3b538bd8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:4.0",
"product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8060020240419071711.2e213529",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.8::appstream"
],
"defaultStatus": "affected",
"packageName": "container-tools:rhel8",
"product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8080020240422101606.0f77c1b7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.31.5-1.el9_3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4:4.9.4-3.el9_4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.0::appstream"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.26.7-1.el9_0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.0::appstream"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:4.2.0-3.el9_0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:1.29.3-1.el9_2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::appstream"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2:4.4.1-16.el9_2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.12::el8",
"cpe:/a:redhat:openshift:4.12::el9"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "3:4.4.1-3.2.rhaos4.12.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el9",
"cpe:/a:redhat:openshift:4.13::el8"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "3:4.4.1-6.3.rhaos4.13.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.13::el9",
"cpe:/a:redhat:openshift:4.13::el8"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "3:4.4.1-8.3.rhaos4.13.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8",
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "3:4.4.1-13.4.rhaos4.14.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9",
"cpe:/a:redhat:openshift:4.15::el8"
],
"defaultStatus": "affected",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "3:4.4.1-23.2.rhaos4.15.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "buildah",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "podman",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:3.11"
],
"defaultStatus": "unknown",
"packageName": "podman",
"product": "Red Hat OpenShift Container Platform 3.11",
"vendor": "Red Hat"
}
],
"datePublic": "2024-03-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-04T04:16:07.393Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:2049",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2049"
},
{
"name": "RHSA-2024:2055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2055"
},
{
"name": "RHSA-2024:2064",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2064"
},
{
"name": "RHSA-2024:2066",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2066"
},
{
"name": "RHSA-2024:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2077"
},
{
"name": "RHSA-2024:2084",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2084"
},
{
"name": "RHSA-2024:2089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2089"
},
{
"name": "RHSA-2024:2090",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2090"
},
{
"name": "RHSA-2024:2097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2097"
},
{
"name": "RHSA-2024:2098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2098"
},
{
"name": "RHSA-2024:2548",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2548"
},
{
"name": "RHSA-2024:2645",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2645"
},
{
"name": "RHSA-2024:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2669"
},
{
"name": "RHSA-2024:2672",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2672"
},
{
"name": "RHSA-2024:2784",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2784"
},
{
"name": "RHSA-2024:2877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2877"
},
{
"name": "RHSA-2024:3254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3254"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-1753"
},
{
"name": "RHBZ#2265513",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265513"
},
{
"url": "https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf"
},
{
"url": "https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3"
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2658"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-02-22T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-03-18T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Buildah: full container escape at build time",
"workarounds": [
{
"lang": "en",
"value": "When SELinux is enabled, the container is restricted to limited read-only access."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-1753",
"datePublished": "2024-03-18T14:23:44.213Z",
"dateReserved": "2024-02-22T14:42:20.623Z",
"dateUpdated": "2026-03-04T04:16:07.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-1329 (GCVE-0-2024-1329)
Vulnerability from cvelistv5 – Published: 2024-02-08 19:20 – Updated: 2024-09-26 17:05- CWE-59 - Improper Link Resolution Before File Access (Link Following)
| Vendor | Product | Version | |
|---|---|---|---|
| HashiCorp | Nomad |
Affected:
0 , ≤ 1.5.13
(semver)
Affected: 0 , ≤ 1.6.6 (semver) Affected: 0 , ≤ 1.7.3 (semver) |
|
| HashiCorp | Nomad Enterprise |
Affected:
0 , ≤ 1.5.13
(semver)
Affected: 0 , ≤ 1.6.6 (semver) Affected: 0 , ≤ 1.7.3 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1329",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T19:54:48.732815Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T19:54:54.788Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:33:25.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://discuss.hashicorp.com/t/hcsec-2024-03-nomad-vulnerable-to-arbitrary-write-through-symlink-attack"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Nomad",
"repo": "https://github.com/hashicorp/nomad",
"vendor": "HashiCorp",
"versions": [
{
"lessThanOrEqual": "1.5.13",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.6",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Nomad Enterprise",
"repo": "https://github.com/hashicorp/nomad",
"vendor": "HashiCorp",
"versions": [
{
"lessThanOrEqual": "1.5.13",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.6.6",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eHashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. This vulnerability, CVE-2024-1329, is fixed in Nomad 1.7.4, 1.6.7, and 1.5.14.\u003c/p\u003e\u003cbr/\u003e"
}
],
"value": "HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. This vulnerability, CVE-2024-1329, is fixed in Nomad 1.7.4, 1.6.7, and 1.5.14."
}
],
"impacts": [
{
"capecId": "CAPEC-132",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-132: Symlink Attack"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (Link Following)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T17:05:43.601Z",
"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"shortName": "HashiCorp"
},
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2024-03-nomad-vulnerable-to-arbitrary-write-through-symlink-attack"
}
],
"source": {
"advisory": "HCSEC-2024-03",
"discovery": "INTERNAL"
},
"title": "Nomad Vulnerable to Arbitrary Write Through Symlink Attack"
}
},
"cveMetadata": {
"assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"assignerShortName": "HashiCorp",
"cveId": "CVE-2024-1329",
"datePublished": "2024-02-08T19:20:10.831Z",
"dateReserved": "2024-02-07T19:00:15.653Z",
"dateUpdated": "2024-09-26T17:05:43.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0206 (GCVE-0-2024-0206)
Vulnerability from cvelistv5 – Published: 2024-01-09 12:56 – Updated: 2025-04-17 17:54- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| Vendor | Product | Version | |
|---|---|---|---|
| Trellix | Anti-Malware Engine |
Affected:
6600
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://kcm.trellix.com/corporate/index?page=content\u0026id=SB10415"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0206",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-10T18:33:10.958239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T17:54:03.046Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Anti-Malware Engine",
"vendor": "Trellix",
"versions": [
{
"status": "affected",
"version": "6600"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Bahaa Naamneh of Crosspoint Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn\u0027t normally have permission to. After a scan, the Engine would follow the links and remove the files\u003c/span\u003e\n\n"
}
],
"value": "\nA symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn\u0027t normally have permission to. After a scan, the Engine would follow the links and remove the files\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T12:56:46.957Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"url": "https://kcm.trellix.com/corporate/index?page=content\u0026id=SB10415"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2024-0206",
"datePublished": "2024-01-09T12:56:46.957Z",
"dateReserved": "2024-01-03T04:30:32.801Z",
"dateUpdated": "2025-04-17T17:54:03.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0068 (GCVE-0-2024-0068)
Vulnerability from cvelistv5 – Published: 2024-02-29 19:51 – Updated: 2024-09-03 18:20- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| Vendor | Product | Version | |
|---|---|---|---|
| HYPR | Workforce Access |
Affected:
0 , < 8.7.1
(patch)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hypr.com/trust-center/security-advisories"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T18:01:09.727376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T18:20:05.758Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Workforce Access",
"vendor": "HYPR",
"versions": [
{
"lessThan": "8.7.1",
"status": "affected",
"version": "0",
"versionType": "patch"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Link Resolution Before File Access (\u0027Link Following\u0027) vulnerability in HYPR Workforce Access on MacOS allows File Manipulation.\u003cp\u003eThis issue affects Workforce Access: before 8.7.1.\u003c/p\u003e"
}
],
"value": "Improper Link Resolution Before File Access (\u0027Link Following\u0027) vulnerability in HYPR Workforce Access on MacOS allows File Manipulation.This issue affects Workforce Access: before 8.7.1.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-165",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-165 File Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-29T19:51:38.562Z",
"orgId": "0dc7baee-4a9f-419f-bd0a-e21ec5dac512",
"shortName": "HYPR"
},
"references": [
{
"url": "https://www.hypr.com/trust-center/security-advisories"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0dc7baee-4a9f-419f-bd0a-e21ec5dac512",
"assignerShortName": "HYPR",
"cveId": "CVE-2024-0068",
"datePublished": "2024-02-29T19:51:38.562Z",
"dateReserved": "2023-11-27T18:04:01.975Z",
"dateUpdated": "2024-09-03T18:20:05.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-53973 (GCVE-0-2023-53973)
Vulnerability from cvelistv5 – Published: 2025-12-22 21:35 – Updated: 2026-01-03 20:46- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/51151 | exploit |
| https://zillya.com/ | product |
| https://www.vulncheck.com/advisories/zillya-total… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Zillya | Zillya Total Security |
Affected:
3.0.2367.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-53973",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T21:58:35.405222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T22:04:41.682Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/51151"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Zillya Total Security",
"vendor": "Zillya",
"versions": [
{
"status": "affected",
"version": "3.0.2367.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "M. Akil G\u00fcndo\u011fan"
}
],
"datePublic": "2022-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eZillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories, potentially enabling system-level access through techniques like DLL hijacking.\u003c/p\u003e"
}
],
"value": "Zillya Total Security 3.0.2367.0 contains a privilege escalation vulnerability that allows low-privileged users to copy files to unauthorized system locations using the quarantine module. Attackers can leverage symbolic link techniques to restore quarantined files to restricted directories, potentially enabling system-level access through techniques like DLL hijacking."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-03T20:46:28.195Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-51151",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/51151"
},
{
"name": "Zillya Official Homepage",
"tags": [
"product"
],
"url": "https://zillya.com/"
},
{
"name": "VulnCheck Advisory: Zillya Total Security 3.0.2367.0 Local Privilege Escalation via Quarantine Module",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/zillya-total-security-local-privilege-escalation-via-quarantine-module"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Zillya Total Security 3.0.2367.0 Local Privilege Escalation via Quarantine Module",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2023-53973",
"datePublished": "2025-12-22T21:35:33.394Z",
"dateReserved": "2025-12-20T16:31:20.899Z",
"dateUpdated": "2026-01-03T20:46:28.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-51636 (GCVE-0-2023-51636)
Vulnerability from cvelistv5 – Published: 2024-05-22 19:16 – Updated: 2024-08-02 22:40- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:avira:prime:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "prime",
"vendor": "avira",
"versions": [
{
"status": "affected",
"version": "1.1.94.4"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51636",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T17:10:38.775370Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:20:19.959Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-24-469",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-469/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Prime",
"vendor": "Avira",
"versions": [
{
"status": "affected",
"version": "1.1.94.4"
}
]
}
],
"dateAssigned": "2023-12-20T22:02:27.484Z",
"datePublic": "2024-05-17T23:23:37.158Z",
"descriptions": [
{
"lang": "en",
"value": "Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Avira Spotlight Service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21600."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-22T19:16:48.396Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-469",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-469/"
}
],
"source": {
"lang": "en",
"value": "Filip Dragovic (@filip_dragovic)"
},
"title": "Avira Prime Link Following Local Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-51636",
"datePublished": "2024-05-22T19:16:48.396Z",
"dateReserved": "2023-12-20T21:52:34.963Z",
"dateUpdated": "2024-08-02T22:40:34.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50226 (GCVE-0-2023-50226)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-09-18 18:30- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://kb.parallels.com/en/125013 | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Parallels | Desktop |
Affected:
18.3.0 (53606)
|
|
| parallels | parallels_desktop |
Affected:
0 , < 18.3.2
(semver)
cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:parallels:parallels_desktop:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "parallels_desktop",
"vendor": "parallels",
"versions": [
{
"lessThan": "18.3.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50226",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-03T20:12:03.013364Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:41.724Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1805",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1805/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://kb.parallels.com/en/125013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Desktop",
"vendor": "Parallels",
"versions": [
{
"status": "affected",
"version": "18.3.0 (53606)"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.707Z",
"datePublic": "2023-12-19T08:54:36.622Z",
"descriptions": [
{
"lang": "en",
"value": "Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to move arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.\n. Was ZDI-CAN-21227."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:30:36.184Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1805",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1805/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://kb.parallels.com/en/125013"
}
],
"source": {
"lang": "en",
"value": "kn32"
},
"title": "Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50226",
"datePublished": "2024-05-03T02:14:44.316Z",
"dateReserved": "2023-12-05T16:15:17.544Z",
"dateUpdated": "2024-09-18T18:30:36.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-50197 (GCVE-0-2023-50197)
Vulnerability from cvelistv5 – Published: 2024-05-03 02:14 – Updated: 2024-08-15 15:50- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Intel | Driver & Support Assistant |
Affected:
23.3.25.6
|
|
| intel | driver\&support_assistant |
Affected:
23.3.25.6
cpe:2.3:a:intel:driver\&support_assistant:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:driver\\\u0026support_assistant:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "driver\\\u0026support_assistant",
"vendor": "intel",
"versions": [
{
"status": "affected",
"version": "23.3.25.6"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-50197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T14:38:03.377106Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:50:50.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:09:49.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-1773",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1773/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Driver \u0026 Support Assistant",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "23.3.25.6"
}
]
}
],
"dateAssigned": "2023-12-05T19:37:59.540Z",
"datePublic": "2023-12-13T18:13:10.483Z",
"descriptions": [
{
"lang": "en",
"value": "Intel Driver \u0026 Support Assistant Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Intel Driver \u0026 Support Assistant. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the DSA Service. By creating a symbolic link, an attacker can abuse the service to write a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21845."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T02:14:22.353Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-1773",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1773/"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Intel Driver \u0026 Support Assistant Link Following Local Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-50197",
"datePublished": "2024-05-03T02:14:22.353Z",
"dateReserved": "2023-12-05T16:15:17.539Z",
"dateUpdated": "2024-08-15T15:50:50.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-45159 (GCVE-0-2023-45159)
Vulnerability from cvelistv5 – Published: 2023-10-05 10:11 – Updated: 2025-06-18 18:40- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| Vendor | Product | Version | |
|---|---|---|---|
| 1E | 1E Client |
Affected:
0 , < 8.1.2.62
(Q23097)
Affected: 0 , < 8.4.1.159 (Q23105) Affected: 0 , < 9.0.1.88 (Q23115) Affected: 0 , < 23.7.1.151 (Q23121) |
|
| 1e | client |
Affected:
0 , < 8.1.2.62
(custom)
Affected: 0 , < 8.4.1.159 (custom) Affected: 0 , < 9.0.1.88 (custom) Affected: 0 , < 23.7.1.151 (custom) cpe:2.3:a:1e:client:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:14:19.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.1e.com/trust-security-compliance/cve-info/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:1e:client:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "client",
"vendor": "1e",
"versions": [
{
"lessThan": "8.1.2.62",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "8.4.1.159",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.0.1.88",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "23.7.1.151",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45159",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T17:33:38.940543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T14:24:11.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"platforms": [
"Windows"
],
"product": "1E Client",
"vendor": "1E",
"versions": [
{
"changes": [
{
"at": "Q23097",
"status": "unaffected"
}
],
"lessThan": "8.1.2.62",
"status": "affected",
"version": "0",
"versionType": "Q23097"
},
{
"changes": [
{
"at": "Q23105",
"status": "unaffected"
}
],
"lessThan": "8.4.1.159",
"status": "affected",
"version": "0",
"versionType": "Q23105"
},
{
"changes": [
{
"at": "Q23115",
"status": "unaffected"
}
],
"lessThan": "9.0.1.88",
"status": "affected",
"version": "0",
"versionType": "Q23115"
},
{
"changes": [
{
"at": "Q23121",
"status": "unaffected"
}
],
"lessThan": "23.7.1.151",
"status": "affected",
"version": "0",
"versionType": "Q23121"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Thanks to Lockheed Martin red team who reported this issue."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "1E Client installer can perform arbitrary file deletion on protected files.\u0026nbsp;\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. \u003cbr\u003e\u003cbr\u003eA hotfix is available from the 1E support portal that forces\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe 1E Client to check for a symbolic link or junction and if it finds one refuses to use that path and instead creates a path involving a random GUID.\u003cbr\u003e\u003cbr\u003efor v8.1 use hotfix Q23097\u003cbr\u003efor v8.4 use hotfix Q23105\u003cbr\u003efor v9.0 use hotfix Q23115\u003cbr\u003e\u003cbr\u003efor SaaS customers, use 1EClient v23.7 plus hotfix Q23121\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "1E Client installer can perform arbitrary file deletion on protected files.\u00a0\u00a0\n\nA non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. \n\nA hotfix is available from the 1E support portal that forces\u00a0the 1E Client to check for a symbolic link or junction and if it finds one refuses to use that path and instead creates a path involving a random GUID.\n\nfor v8.1 use hotfix Q23097\nfor v8.4 use hotfix Q23105\nfor v9.0 use hotfix Q23115\n\nfor SaaS customers, use 1EClient v23.7 plus hotfix Q23121"
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T18:40:58.223Z",
"orgId": "4a68d2b9-b68a-4765-95bd-17f35092666b",
"shortName": "1E"
},
"references": [
{
"url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/1e-2023-2001/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "1E Client installer can perform arbitrary file deletion on protected files",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "4a68d2b9-b68a-4765-95bd-17f35092666b",
"assignerShortName": "1E",
"cveId": "CVE-2023-45159",
"datePublished": "2023-10-05T10:11:20.065Z",
"dateReserved": "2023-10-04T23:59:54.078Z",
"dateUpdated": "2025-06-18T18:40:58.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43590 (GCVE-0-2023-43590)
Vulnerability from cvelistv5 – Published: 2023-11-14 23:15 – Updated: 2024-08-29 17:23- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| Vendor | Product | Version | |
|---|---|---|---|
| Zoom Video Communications, Inc. | Zoom Rooms for macOS |
Affected:
before 5.16.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:44:43.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-43590",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T17:23:15.568469Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T17:23:41.033Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Zoom Rooms for macOS",
"vendor": "Zoom Video Communications, Inc.",
"versions": [
{
"status": "affected",
"version": "before 5.16.0"
}
]
}
],
"datePublic": "2023-11-14T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Link following in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access.\u003cbr\u003e"
}
],
"value": "Link following in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-132",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-132 Symlink Attack"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T23:15:12.437Z",
"orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
"shortName": "Zoom"
},
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
"assignerShortName": "Zoom",
"cveId": "CVE-2023-43590",
"datePublished": "2023-11-14T23:15:12.437Z",
"dateReserved": "2023-09-19T22:05:40.666Z",
"dateUpdated": "2024-08-29T17:23:41.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-48.1
Strategy: Separation of Privilege
- Follow the principle of least privilege when assigning access rights to entities in a software system.
- Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CAPEC-132: Symlink Attack
An adversary positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name.
CAPEC-17: Using Malicious Files
An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.
CAPEC-76: Manipulating Web Input to File System Calls
An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.