漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Local privilege escalation in FlexNet Publisher
Vulnerability Description
A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted openssl.conf file leading to the execution of a malicious DLL (Dynamic-Link Library) with elevated privileges.
CVSS Information
N/A
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Flexera FlexNet Publisher 安全漏洞
Vulnerability Description
Flexera FlexNet Publisher(FLEXlm)是美国Flexera公司的一款授权关系管理解决方案(Entitlement Relationship Management Solution)中的软件授权管理核心组件。该产品可为软件与硬件生产商提供定价、打包和定制软件授权期限。 Flexera FlexNet Publisher 2024 R1之前版本存在安全漏洞,该漏洞源于lmadmin.exe配置错误导致路径劫持。
CVSS Information
N/A
Vulnerability Type
N/A