RSS   Vulnerabilities for 'Self service'   RSS

2019-02-25
 
CVE-2019-9146

CWE-254
 

 
Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain a root shell by leveraging the "publish Bash shell scripts" feature to insert "/Applications/Utilities/Terminal app/Contents/MacOS/Terminal" into the TCP data stream.

 

 >>> Vendor: JAMF 4 Products
Casper suite
Self service
JAMF
Private access


Copyright 2024, cxsecurity.com

 

Back to Top