漏洞标题
通过 'vi' 编辑器接口利用 Akkadian Provisioning Manager Engine (PME) 壳 escapes
漏洞描述信息
通过'vi'编辑器接口利用Akkadian Provisioning Manager Engine (PME)的Shell逃逸
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
漏洞类别
N/A
漏洞标题
Akkadian Provisioning Manager Engine (PME) Shell Escape via 'vi' editor interface
漏洞描述信息
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. This command launches a standard vi editor interface which can then be escaped. This issue was resolved in Akkadian OVA appliance version 3.0 (and later), Akkadian Provisioning Manager 5.0.2 (and later), and Akkadian Appliance Manager 3.3.0.314-4a349e0 (and later).
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
漏洞类别
特权管理不恰当
漏洞标题
Akkadian Provisioning Manager 安全漏洞
漏洞描述信息
Akkadian Provisioning Manager是美国Akkadian公司的一种配置解决方案,用于更强大的供应自动化的新集成。 Akkadian Provisioning Manager Engine (PME)存在安全漏洞,该漏洞允许未经授权的攻击者可对受影响设备的根级shell访问。
CVSS信息
N/A
漏洞类别
其他