漏洞标题
N/A
漏洞描述信息
CloudCTI HIP 整合器识别配置工具通过其 EXQUISE 集成允许权限提升。此工具通过不安全的通信渠道(命名管道)与一个服务(识别更新客户端服务)进行通信。通过这个渠道发送的数据(JSON)用于使用插件(.dll 文件)从 CRM 软件中导入数据。说服插件(DatasourceExquiseExporter.dll)从 EXQUISE 软件中启动具有与识别更新客户端服务(NT AUTHORITY\SYSTEM)相同的权限的任意程序(包括批处理文件),从而提升权限。这是因为较高的特权进程从由较低特权用户可写的目录中执行脚本。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service (Recognition Update Client Service) via an insecure communication channel (Named Pipe). The data (JSON) sent via this channel is used to import data from CRM software using plugins (.dll files). The plugin to import data from the EXQUISE software (DatasourceExquiseExporter.dll) can be persuaded to start arbitrary programs (including batch files) that are executed using the same privileges as Recognition Update Client Service (NT AUTHORITY\SYSTEM), thus elevating privileges. This occurs because a higher-privileged process executes scripts from a directory writable by a lower-privileged user.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
CloudCTI HIP Integrator Recognition Configuration Tool 安全漏洞
漏洞描述信息
CloudCTI HIP Integrator Recognition Configuration Tool是荷兰CloudCTI公司的一款集成商识别配置工具。 CloudCTI HIP Integrator Recognition Configuration Tool中存在安全漏洞,该漏洞源于高权限进程可以从低权限用户可写入的目录中执行脚本。攻击者可利用该漏洞提升权限。
CVSS信息
N/A
漏洞类别
其他