Vulnerability CVE-2020-36771


Published: 2024-01-22

Description:
CloudLinux
CageFS 7.1.1-1 or below passes the authentication token as command line
argument. In some configurations this allows local users to view it via
the process list and gain code execution as another user.


See advisories in our WLB2 database:
Topic
Author
Date
Med.
CloudLinux CageFS 7.1.1-1 Token Disclosure
David Gnedt
27.01.2024

 References:
https://blog.cloudlinux.com/cagefs-lve-wrappers-and-bsock-have-been-rolled-out-to-100

Copyright 2024, cxsecurity.com

 

Back to Top