Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and versions that may be deployed and in use across an IT environment. A privilege-escalation vulnerability exists if CPUID is enabled, and thus it should be disabled via configuration settings.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HSnowsoftware Snow Inventory Agent
APPSnowsoftware5.3.1 – 6.7.0
Powiązane podatności
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow...
Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on Unix allows...
Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signat...
A vulnerability in Snow Snow Agent for Windows allows a non-admin user to cause arbitrary deletion of files. T...
Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and includi...