CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-35230

MEDIUM
6.7
CVSS Severity Score
EPSS Score0.0340%
EPSS Percentile11.78th
Published2021年10月22日
Last Modified2024年11月21日

Vulnerability Description

As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry.

Affected Platforms (CPE)

📦
Solarwinds

Kiwi Cattools

< 3.11.9

References & Advisories

🔗 https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35230
🔗 https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35230

相关漏洞威胁

CVE-2007-088810.0

Directory traversal vulnerability in the TFTP server in Kiwi CatTools before 3.2.0 beta allows remote attackers to read arbitrary ...

CVE-2007-08894.6

Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiw...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...