CVE-2011-2921

Critical

ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can…

redhat·CWE-273·Published 2019-11-19

CVSS

9.8

EPSS

0.83

KEV

Exploits

cve.orgen

186 chars

ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.

NVDen

186 chars

ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.

ktsuss versiones 1.4 y anteriores, posee el uid establecido en root y no elimina los privilegios antes de ejecutar comandos especificados por parte del usuario, lo que puede resultar en la ejecución de comandos con privilegios de root.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H