CVE-2017-6554

pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:quest:privilege_manager:6.0.0-27:*:*:*:*:*:*:*
cpe:2.3:a:quest:privilege_manager:6.0.0-50:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-04-14 18:59

Updated : 2024-02-04 19:11


NVD link : CVE-2017-6554

Mitre link : CVE-2017-6554

CVE.ORG link : CVE-2017-6554


JSON object : View

Products Affected

quest

  • privilege_manager
CWE
CWE-20

Improper Input Validation