CVE-2018-10604

Summary

SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execution.

Affected Software

VendorProductVersion RangeStatus
Schweitzer Engineering Laboratories, Inc.Compass3.0.5.1 and prioraffected

Weaknesses

  • CWE-276: INCORRECT DEFAULT PERMISSIONS CWE-276

ADP Enrichment

CVE Program Container

Additional References

References