CVE-2021-22682

Summary

Cscape (All versions prior to 9.90 SP4) is configured by default to be installed for all users, which allows full permissions, including read/write access. This may allow unprivileged users to modify the binaries and configuration files and lead to local privilege escalation.

Affected Software

VendorProductVersion RangeStatus
n/aCscapeAll versions prior to 9.90 SP4affected

Weaknesses

  • CWE-284: IMPROPER ACCESS CONTROL CWE-284

ADP Enrichment

CVE Program Container

Additional References

References