RSS   Vulnerabilities for 'Insightappsec'   RSS

2019-08-19
 
CVE-2019-5631

CWE-426
 

 
The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. If exploited, a local user of the system (who must already be authenticated to the operating system) can elevate their privileges with this vulnerability to the privilege level of InsightAppSec (usually, SYSTEM). This issue affects version 2019.06.24 and prior versions of the product.

 

 >>> Vendor: Rapid7 9 Products
Nexpose
Appspider pro
Metasploit
Insight collector
Komand
Insightvm
Insight agent
Insightappsec
Appspider


Copyright 2021, cxsecurity.com

 

Back to Top