CVE-2018-1000209 Vulnerability Details

  /     /     /  

CVE-2018-1000209 Metadata Quick Info

CVE Published: 13/07/2018 | CVE Updated: 17/09/2024 | CVE Year: 2018
Source: mitre | Vendor: n/a | Product: n/a
Status : PUBLISHED

CVE-2018-1000209 Description

Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context of Sensu service account. This attack appear to be exploitable via Unprivileged user may place an arbitrary DLL in the c:\opt\sensu\embedded\bin directory in order to exploit standard Windows DLL load order behavior. This vulnerability appears to have been fixed in 1.4.2-3 and later.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: n/a
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2018-1000209 Vulnerability Details