Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
APM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer
Vulnerability Description
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Elastic 安全漏洞
Vulnerability Description
Elastic是荷兰Elastic公司的一套基于Lucene构建的开源分布式RESTful搜索引擎。该产品主要应用于云计算,并支持通过HTTP使用JSON进行数据索引。 Elastic存在安全漏洞,该漏洞源于目录权限处理不当,可能导致本地权限提升。
CVSS Information
N/A
Vulnerability Type
N/A