Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redosRedosROS-20240904-14
HistorySep 04, 2024 - 12:00 a.m.

ROS-20240904-14

2024-09-0400:00:00
redos.red-soft.ru
1
performance co-pilot
pcp
vulnerability
mixed privilege levels
information disclosure
exploitation
symbolic link attack
isolation
pmproxy
arbitrary commands
unix

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

Low

JSON

A vulnerability in Performance Co-Pilot performance monitoring and visualization software
(PCP) is related to the mixed privilege levels used by systemd services associated with PCP.
Exploitation of the vulnerability could allow an attacker to execute a symbolic link attack
and break the isolation of the PCP user

Vulnerability in the pmproxy component of performance monitoring and visualization software
Performance Co-Pilot (PCP) is related to the disclosure of information in an erroneous data area. Exploitation of the
The vulnerability could allow an attacker acting remotely to execute arbitrary commands

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64pcp< 6.2.0-1UNKNOWN

Related

osv 5
almalinux 3
ubuntucve 2
oraclelinux 3
cvelist 2
nessus 18
redhatcve 2
cve 2
debiancve 2
vulnrichment 2
redhat 9
prion 1
nvd 2
veracode 1
rocky 2
ibm 1
osv
osv
Moderate: pcp security update
2024-04-30 00:00:00
Important: pcp security, bug fix, and enhancement update
2024-05-10 14:32:42
Important: pcp security update
2024-06-14 13:59:30
almalinux
almalinux
Moderate: pcp security update
2024-04-30 00:00:00
Important: pcp security, bug fix, and enhancement update
2024-04-30 00:00:00
Important: pcp security update
2024-05-22 00:00:00
ubuntucve
ubuntucve
CVE-2023-6917
2024-02-28 00:00:00
CVE-2024-3019
2024-03-28 00:00:00
oraclelinux
oraclelinux
pcp security update
2024-05-03 00:00:00
pcp security update
2024-05-29 00:00:00
pcp security, bug fix, and enhancement update
2024-05-08 00:00:00
cvelist
cvelist
CVE-2023-6917 Pcp: unsafe use of directories allows pcp to root privilege escalation
2024-02-28 14:38:19
CVE-2024-3019 Pcp: exposure of the redis server backend allows remote command execution via pmproxy
2024-03-28 18:32:43
nessus
nessus
RHEL 9 : pcp (RHSA-2024:2213)
2024-04-30 00:00:00
RHEL 7 : pcp (Unpatched Vulnerability)
2024-05-11 00:00:00
Oracle Linux 9 : pcp (ELSA-2024-2213)
2024-05-06 00:00:00
redhatcve
redhatcve
CVE-2023-6917
2024-02-28 14:39:28
CVE-2024-3019
2024-03-27 17:56:21
cve
cve
CVE-2023-6917
2024-02-28 15:15:07
CVE-2024-3019
2024-03-28 19:15:49
debiancve
debiancve
CVE-2023-6917
2024-02-28 15:15:07
CVE-2024-3019
2024-03-28 19:15:49
vulnrichment
vulnrichment
CVE-2023-6917 Pcp: unsafe use of directories allows pcp to root privilege escalation
2024-02-28 14:38:19
CVE-2024-3019 Pcp: exposure of the redis server backend allows remote command execution via pmproxy
2024-03-28 18:32:43
redhat
redhat
(RHSA-2024:2213) Moderate: pcp security update
2024-04-30 06:15:04
(RHSA-2024:3324) Important: pcp security, bug fix, and enhancement update
2024-05-23 09:04:07
(RHSA-2024:3264) Important: pcp security update
2024-05-22 10:41:23
prion
prion
Privilege escalation
2024-02-28 15:15:00
nvd
nvd
CVE-2023-6917
2024-02-28 15:15:07
CVE-2024-3019
2024-03-28 19:15:49
veracode
veracode
CVE-2023-6917
2024-03-04 16:25:12
rocky
rocky
pcp security, bug fix, and enhancement update
2024-05-10 14:32:42
pcp security update
2024-06-14 13:59:30
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-07-22 17:27:27

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

Low

JSON
Related for ROS-20240904-14
osv5almalinux3ubuntucve2oraclelinux3cvelist2nessus18redhatcve2cve2debiancve2vulnrichment2redhat9prion1nvd2veracode1rocky2ibm1