AI Score
Confidence
High
EPSS
Percentile
22.8%
Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder.
github.com/ycdxsb/Vuln/blob/main/azure-pipelines-agent-weak-permission-vuln/azure-pipelines-agent-weak-permission-vuln.md