Privilege Escalation

2021-05-0313:24:31

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

github.com/pritunl/pritunl-client-electron is vulnerable to privilege escalation. An attacker may exploit the vulnerability by leveraging on the log and log-append along with log injection to create or append to privileged script files and execute code as root/SYSTEM.

CPENameOperatorVersion
github.com/pritunl/pritunl-client-electronle1.0.2440.93

CPE	Name	Operator	Version
	github.com/pritunl/pritunl-client-electron	le	1.0.2440.93

References

github.com/pritunl/pritunl-client-electron/commit/87ceeae9b8ee415541d7d71de10675e699a76e5e

github.com/pritunl/pritunl-client-electron/commit/87ceeae9b8ee415541d7d71de10675e699a76e5e#diff-5c6a264bee3576f2a147b8db70332e9a16dd43d073782cf6d32a372abb22b899

github.com/pritunl/pritunl-client-electron/commit/c0aeb159351e5e99d752c27b87133eca299bdfce

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for VERACODE:30327