CVE-2018-19666

The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server.
References
Link Resource
https://github.com/ossec/ossec-hids/issues/1585 Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:ossec:ossec:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:*

Information

Published : 2018-11-29 00:29

Updated : 2019-01-04 08:08


NVD link : CVE-2018-19666

Mitre link : CVE-2018-19666


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

wazuh

  • wazuh

microsoft

  • windows

ossec

  • ossec