Vulnerability CVE-2020-28169


Published: 2020-12-24

Description:
The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM.

See advisories in our WLB2 database:
Topic: Fluentd TD-agent 4.0.1 Insecure Folder Permission
Risk: Med.
Author: Adrian Bondocea
Date: 05.01.2021

Type: CWE-732

CVSS2 => (AV:L/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score: 6.9/10
Impact Subscore: 10/10
Exploitability Subscore: 3.4/10
Exploit range: Local
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

References:
https://docs.fluentd.org/installation/install-by-msi
https://github.com/fluent/fluentd/issues/3201
https://github.com/fluent-plugins-nursery/td-agent-builder/pull/247/commits/6f9cb6393392d62caa99907c0ebbcbab6b94a3f1
https://github.com/kenhys/td-agent-builder/commit/eec6e2dedf12f2e0c01c2bbe7b8c15b639b3b938
https://td-agent-package-browser.herokuapp.com/4/windows
https://www.fluentd.org/

Copyright 2024, cxsecurity.com
