Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AppDynamics .NET Agent Privilege Escalation Vulnerability
Vulnerability Description
A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a device that is running the vulnerable agent could create a custom process that would be launched with those SYSTEM privileges. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system. This vulnerability is fixed in AppDynamics .NET Agent Release 21.7.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
AppDynamics.NET Agent for Windows 安全漏洞
Vulnerability Description
AppDynamics.NET Agent for Windows是用于要监视 IIS 应用程序、Windows 服务或独立应用程序。 AppDynamics.NET Agent for Windows 21.7之前版本存在安全漏洞,该漏洞源于.NET代理协调器服务以系统权限执行代码。攻击者可通过该漏洞利用经过身份验证的本地用户帐户获得系统权限,进而在底层操作系统上执行任意命令
CVSS Information
N/A
Vulnerability Type
N/A