Elevation of Privilege
This document lists out and explains the privilege-elevation vulnerabilities that have been reported.
| Serial No. |
Vulnerabilities |
Fix Released on |
Reported by |
| 1 |
CVE-2019-12133 |
30-April-2019 |
Hashim Jawad from ACTIVELabs |
| 2 |
CVE-2018-13411, CVE-2018-13412 |
23-Aug-2018 |
Abdullah AlJaber |
| 3 |
CVE-2018-12999 |
26-July-2018 |
DBAppSecurity |
| 4 |
CVE-2018-5339 and CVE-2018-5340 |
24-April-2018 |
NCC Group Security Advisory |
| 5 |
CVE-2018-5337, CVE-2018-5338, CVE-2018-5341 |
27-March-2018 |
NCC Group Security Advisory |
What was the problem?
- Improper permissions of C:\ManageEngine directory which allowed non-privileged users to escalate privileges to NT AUTHORITY\SYSTEM.
- Unauthorised users whose computer is installed with Endpoint Central Agent were able to access command prompt with SYSTEM privilege.
- Unauthenticated users were able to delete files from Endpoint Central server machine.
- Unauthorised users were able to execute queries to alter entries in database.
- Unauthenticated users were able to:
- Execute queries (Query type restriction by-pass) on Endpoint Central Server.
- Execute any web executable throughout the network using directory traversal or file type restriction by-pass.
How do I fix it?
These vulnerabilities have been identified and fixed. To apply the fix, follow the steps mentioned below:
- Log in to your Endpoint Central console, click on your current build number on the top right corner.
- You can find the latest build applicable to you. Download the PPM and update.
Keywords: Query Execution, Security Updates, Vulnerabilities and Fixes.
Free Edition