Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple Privilege Escalation Vulnerabilities in SAPCAR
Vulnerability Description
SAPCAR allows an attacker logged in with high privileges to override the permissions of the current and parent directories of the user or process extracting the archive, leading to privilege escalation. On successful exploitation, an attacker could modify the critical files by tampering with signed archives without breaking the signature, but it has a low impact on the confidentiality and availability of the system.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:L
Vulnerability Type
特权授予不正确
Vulnerability Title
SAP SAPCAR 安全漏洞
Vulnerability Description
SAP SAPCAR是德国思爱普(SAP)公司的一款用于压缩和/或解压缩 SAP 存档文件的实用程序。。 SAP SAPCAR存在安全漏洞,该漏洞源于高权限用户可覆盖目录权限,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A