Lucene search
HistoryJul 29, 2022 - 5:15 p.m.
CVE-2022-35631
symlink
attack
macos
linux
velociraptor
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0
Percentile
12.6%
On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0.6.5-2.
Affected configurations
Node
rapid7velociraptorRange<0.6.5-2
applemacosMatch-
ORlinuxlinux_kernelMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| rapid7 | velociraptor | * | cpe:2.3:a:rapid7:velociraptor:*:*:*:*:*:*:*:* |
| apple | macos | - | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
| linux | linux_kernel | - | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2022-35631 Filesystem race on temporary files
2022-07-29 17:00:46
prion
prion
Remote file inclusion
2022-07-29 17:15:00
cve
cve
CVE-2022-35631
2022-07-29 17:15:09
rapid7blog
rapid7blog
CVE-2022-35629..35632 Velociraptor Multiple Vulnerabilities (FIXED)
2022-07-26 17:15:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS
0
Percentile
12.6%
Related for NVD:CVE-2022-35631