CVE-2020-5798
N/A
N/A
Summary
inSync Client installer for macOS versions v6.8.0 and prior could allow an attacker to gain privileges of a root user from a lower privileged user due to improper integrity checks and directory permissions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Druva inSync macOS Client Installers for v6.8.0 and prior | Druva inSync macOS Client Installers for v6.8.0 and prior | affected |
Weaknesses
- Privilege Escalation
ADP Enrichment
CVE Program Container
Additional References
- https://www.tenable.com/security/research/tra-2020-67
- https://www.tenable.com/security/research/tra-2020-67%2Chttps://docs.druva.com/001_inSync_Cloud/Cloud/010_Release_Details/010_inSync_Cloud_Updates
References
- https://www.tenable.com/security/research/tra-2020-67
- https://www.tenable.com/security/research/tra-2020-67%2Chttps://docs.druva.com/001_inSync_Cloud/Cloud/010_Release_Details/010_inSync_Cloud_Updates
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.