Filtered by vendor Cloudflare
Subscribe
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-24356 | 1 Cloudflare | 1 Cloudflared | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| `cloudflared` versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. When run on a Windows system, `cloudflared` searches for configuration files which could be abused by a malicious entity to execute commands as a privileged user. Version 2020.8.1 fixes this issue. | |||||
| CVE-2020-35152 | 1 Cloudflare | 1 Warp | 2021-02-05 | 4.6 MEDIUM | 7.8 HIGH |
| Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1. | |||||