Insecure Temporary File Permissions in BeyondTrust Privilege Management
CVE-2021-42254

7.8HIGH

Key Information:

Vendor: Beyondtrust
Status: Privilege Management For Windows
Vendor: CVE Published:; 19 November 2021

🔔 Create Beyondtrust Vulnerability Alert

What is CVE-2021-42254?

BeyondTrust Privilege Management prior to version 21.6 is susceptible to a security flaw that allows the creation of temporary files in a directory with insecure permissions. This weakness could potentially be exploited to manipulate sensitive information, leading to unauthorized access and other security concerns. It is advised that users of the affected versions take immediate steps to update their systems and mitigate the risks associated with this vulnerability.

References

https://www.beyondtrust.com/blog

x_refsource_MISC

https://github.com/mandiant/Vulnerability-Disclosures/blo...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 19, 2021
Vulnerability Reserved
Oct 11, 2021